Log analysis and evaluation: Screen freezes, loading takes forever (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.05.2014, 18:55 | #1 |
| Screen freezes, loading takes forever
Hello everyone! I'm having problems with my laptop again (Win 7, 64-bit): loading pages takes forever, as does starting up the laptop in general. Even without the Internet it takes forever when I want to open other windows, documents and the like... Please help. THANKS, best regards, Angel |
24.05.2014, 10:38 | #2 |
/// the machine /// TB trainer | Screen freezes, loading takes forever
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
24.05.2014, 18:20 | #3 |
| Screen freezes, loading takes forever
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 Ran by User (administrator) on USER-PC on 24-05-2014 19:11:09 Running from C:\Users\User\Documents\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Ascora GmbH) C:\Program Files (x86)\StartupStar\StartupStar.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated) HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2013-11-18] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2013-11-18] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2013-11-18] (Lenovo) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM\...\Run: [Ashampoo HDD-Control 2 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [3783592 2012-07-30] (Ashampoo Development GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-29] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.) 
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-11-27] (Microsoft Corporation) HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: I - I:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {08ec65ea-bad7-11e3-a293-74de2b03ec9f} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {0faace18-85ea-11e3-8173-b870f43d656a} - I:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {14ec4178-a258-11e3-a140-b870f43d656a} - E:\Setup.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {4ea6ee92-e23d-11e3-a0c2-b870f43d656a} - E:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {5cf96507-568b-11e3-be35-74de2b03ec9f} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {653351a5-b6e3-11e3-8a86-b870f43d656a} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {65740e1f-adcd-11e3-92ea-b870f43d656a} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {e87004ee-acee-11e3-ba33-b870f43d656a} - E:\AutoRun.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) 
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\..\Interfaces\{CDF6AAD0-7678-4B1D-8F45-C70013C24A25}: [NameServer]212.23.115.84 212.23.115.148 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default FF SearchEngineOrder.1: Google FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF 
Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WEB.DE MailCheck - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Extensions\toolbar@web.de.xpi [2014-04-14] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ Chrome: ======= CHR HomePage: chrome://newtab CHR RestoreOnStartup: "hxxp://www.giga.de/software/" ==================== Services (Whitelisted) ================= R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] () R2 ALDITALKVerbindungsassistent_Service; C:\Program Files 
(x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-11-22] () R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-11-29] (Advanced Micro Devices, Inc.) R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices) R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-11-22] (The OpenVPN Project) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.) 
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.) R3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] U2 CLKMSVC10_3A60B698; U2 CLKMSVC10_C3B3B687; U2 DriverService; U2 IAStorDataMgrSvc; U2 idealife Update Service; U3 IGRS; U2 IviRegMgr; U2 nvUpdatusService; U2 Oasis2Service; U2 PCCarerServic; U2 ReadyComm.DirectRouter; U2 RichVideo; U2 RtLedService; U2 SoftwareService; U2 Stereo Service; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-24 15:03 - 2014-05-24 16:29 - 00000112 _____ () C:\windows\setupact.log 2014-05-24 15:03 - 2014-05-24 15:03 - 00000000 _____ () C:\windows\setuperr.log 2014-05-23 19:38 - 2014-05-23 20:09 - 69964709 _____ (AVG) C:\Users\User\Downloads\avg_tuh_stf_all_2014_423_24c4.exe.part 2014-05-23 17:24 - 2014-05-23 17:24 - 00003030 _____ () C:\windows\System32\Tasks\{0C28A62E-8130-4E75-AD5E-792F88984A0E} 2014-05-23 17:05 - 2014-05-23 17:05 - 00003030 _____ () C:\windows\System32\Tasks\{E3A71512-3D4C-47E7-A903-F9423DA8B658} 2014-05-22 19:08 - 2014-05-23 17:15 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live 2014-05-18 08:49 - 2014-05-18 08:49 - 00017978 _____ () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt.htm 2014-05-18 08:49 - 2014-05-18 08:49 - 00000000 ____D () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt-Dateien 2014-05-15 06:48 - 2014-05-15 06:48 - 00002962 _____ () C:\windows\System32\Tasks\{E7EC90D4-9B09-46E3-9C2C-8717417F45D0} 2014-05-14 20:29 - 2014-05-06 06:40 - 23544320 _____ (Microsoft 
Corporation) C:\windows\system32\mshtml.dll 2014-05-14 20:29 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-14 20:29 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-14 20:29 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-14 20:29 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-14 20:29 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-05-14 19:50 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-14 19:50 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-14 19:50 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-05-14 19:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-05-14 19:48 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-05-14 19:48 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-05-14 19:48 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-05-14 19:48 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-05-14 19:48 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-05-14 19:48 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-05-14 19:48 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-05-14 19:48 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2014-05-14 19:48 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\sspicli.dll 2014-05-14 19:48 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-05-14 19:48 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-05-14 19:48 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-05-14 19:48 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2014-05-14 19:48 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\ntoskrnl.exe 2014-05-14 19:48 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2014-05-14 19:48 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys 2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys 2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgloga.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys 2014-05-10 19:12 - 2014-05-10 19:12 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk 2014-05-10 19:12 - 2014-05-10 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-10 19:10 - 2014-05-24 18:22 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-10 19:10 - 2014-05-24 15:04 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-10 19:10 - 2014-05-10 19:11 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-10 19:10 - 2014-05-10 19:10 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-10 19:10 - 2014-05-10 19:10 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-10 19:07 - 2014-05-10 19:07 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AnyBurn - CHIP-Downloader.exe 2014-05-10 19:06 - 2014-05-10 19:06 - 02090704 _____ (SharpNight Co,Ltd ) C:\Users\User\Downloads\7data-ar.exe 2014-05-10 19:00 - 2014-05-10 19:01 - 08267997 _____ () C:\Users\User\Downloads\gsmartcontrol-0.8.7.exe 2014-05-10 16:35 - 2014-05-11 08:31 - 00918672 _____ (Google Inc.) 
C:\Users\User\Downloads\GoogleEarthSetup.exe 2014-05-06 20:50 - 2014-05-14 21:39 - 00000000 ___SD () C:\windows\system32\CompatTel ==================== One Month Modified Files and Folders ======= 2014-05-24 19:11 - 2014-02-16 13:41 - 00000000 ____D () C:\FRST 2014-05-24 18:28 - 2013-11-22 20:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\ALDITALKVerbindungsassistent 2014-05-24 18:22 - 2014-05-10 19:10 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-24 18:20 - 2014-01-19 14:03 - 00000000 ____D () C:\ProgramData\MFAData 2014-05-24 18:16 - 2013-11-25 07:06 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-05-24 16:41 - 2013-11-18 14:11 - 01166209 _____ () C:\windows\WindowsUpdate.log 2014-05-24 16:32 - 2013-11-18 21:26 - 00699552 _____ () C:\windows\system32\perfh007.dat 2014-05-24 16:32 - 2013-11-18 21:26 - 00149660 _____ () C:\windows\system32\perfc007.dat 2014-05-24 16:32 - 2009-07-14 07:13 - 01620152 _____ () C:\windows\system32\PerfStringBackup.INI 2014-05-24 16:29 - 2014-05-24 15:03 - 00000112 _____ () C:\windows\setupact.log 2014-05-24 15:11 - 2009-07-14 06:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-24 15:11 - 2009-07-14 06:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-24 15:04 - 2014-05-10 19:10 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-24 15:03 - 2014-05-24 15:03 - 00000000 _____ () C:\windows\setuperr.log 2014-05-24 15:03 - 2014-03-18 10:33 - 00000262 _____ () C:\windows\Tasks\StartupStar Firewall.job 2014-05-24 15:03 - 2013-11-18 14:59 - 00537706 _____ () C:\windows\system32\fastboot.set 2014-05-24 15:03 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-05-24 08:43 - 2013-11-23 08:13 - 03586704 _____ () C:\windows\system32\PsBoot.log 2014-05-24 08:43 - 2013-11-23 08:13 - 00905986 
_____ () C:\windows\system32\defragLog.log 2014-05-23 21:57 - 2013-12-20 23:18 - 00000000 ____D () C:\Users\User\Documents\Annabell 2014-05-23 20:09 - 2014-05-23 19:38 - 69964709 _____ (AVG) C:\Users\User\Downloads\avg_tuh_stf_all_2014_423_24c4.exe.part 2014-05-23 17:44 - 2014-03-18 10:33 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft 2014-05-23 17:44 - 2013-11-18 15:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2014-05-23 17:44 - 2009-07-29 09:23 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-05-23 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration 2014-05-23 17:24 - 2014-05-23 17:24 - 00003030 _____ () C:\windows\System32\Tasks\{0C28A62E-8130-4E75-AD5E-792F88984A0E} 2014-05-23 17:15 - 2014-05-22 19:08 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live 2014-05-23 17:05 - 2014-05-23 17:05 - 00003030 _____ () C:\windows\System32\Tasks\{E3A71512-3D4C-47E7-A903-F9423DA8B658} 2014-05-23 16:33 - 2014-03-16 11:54 - 00000420 _____ () C:\windows\Tasks\One-Click Optimizer.job 2014-05-22 13:13 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF 2014-05-22 13:06 - 2014-03-29 02:45 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-22 12:28 - 2009-07-14 06:45 - 00460208 _____ () C:\windows\system32\FNTCACHE.DAT 2014-05-22 11:40 - 2014-03-31 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-05-22 11:40 - 2014-01-19 14:07 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-05-19 09:54 - 2013-12-29 23:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-18 08:49 - 2014-05-18 08:49 - 00017978 _____ () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt.htm 2014-05-18 08:49 - 2014-05-18 08:49 - 00000000 ____D () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt-Dateien 2014-05-15 06:48 - 2014-05-15 06:48 - 00002962 _____ () 
C:\windows\System32\Tasks\{E7EC90D4-9B09-46E3-9C2C-8717417F45D0} 2014-05-14 21:44 - 2013-11-18 15:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-14 21:44 - 2013-11-18 15:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-14 21:39 - 2014-05-06 20:50 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-14 20:32 - 2013-12-18 15:33 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-14 20:25 - 2013-11-22 22:48 - 00000000 ____D () C:\windows\system32\MRT 2014-05-14 20:21 - 2013-11-22 22:48 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-13 21:18 - 2013-11-25 07:06 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-05-13 21:18 - 2013-11-25 07:06 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-13 21:18 - 2013-11-25 07:06 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys 2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys 2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgidsdrivera.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys 2014-05-11 08:31 - 2014-05-10 16:35 - 00918672 _____ (Google Inc.) C:\Users\User\Downloads\GoogleEarthSetup.exe 2014-05-10 19:12 - 2014-05-10 19:12 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk 2014-05-10 19:12 - 2014-05-10 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-10 19:12 - 2013-11-29 21:47 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2014-05-10 19:11 - 2014-05-10 19:10 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-10 19:10 - 2014-05-10 19:10 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-10 19:10 - 2014-05-10 19:10 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-10 19:07 - 2014-05-10 19:07 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AnyBurn - CHIP-Downloader.exe 2014-05-10 19:06 - 2014-05-10 19:06 - 02090704 _____ (SharpNight Co,Ltd ) C:\Users\User\Downloads\7data-ar.exe 2014-05-10 19:01 - 2014-05-10 19:00 - 08267997 _____ () C:\Users\User\Downloads\gsmartcontrol-0.8.7.exe 2014-05-10 00:17 - 2014-02-15 02:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 08:14 - 2014-05-14 19:50 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-14 19:50 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-08 07:45 - 2014-03-29 02:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-08 07:45 - 2014-03-29 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-08 07:45 - 2014-03-29 02:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-06 06:40 - 2014-05-14 20:29 - 23544320 _____ (Microsoft Corporation) 
C:\windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 20:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 20:29 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 20:29 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 20:29 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 20:29 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\User\AppData\Local\Temp\ResetDevice.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-25 22:08

==================== End Of Log ============================

--- --- ---

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 Ran by User (administrator) on USER-PC on 24-05-2014 19:18:45 Running from C:\Users\User\Documents\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe (Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Ascora GmbH) C:\Program Files (x86)\StartupStar\StartupStar.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2294568 2010-09-03] (Synaptics Incorporated) HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) 
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9744800 2013-11-18] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5399456 2013-11-18] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2013-11-18] (Lenovo) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM\...\Run: [Ashampoo HDD-Control 2 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [3783592 2012-07-30] (Ashampoo Development GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-11-29] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.) 
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\windows\System32\SPReview\SPReview.exe [301568 2013-11-27] (Microsoft Corporation) HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: I - I:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {08ec65ea-bad7-11e3-a293-74de2b03ec9f} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {0faace18-85ea-11e3-8173-b870f43d656a} - I:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {14ec4178-a258-11e3-a140-b870f43d656a} - E:\Setup.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {4ea6ee92-e23d-11e3-a0c2-b870f43d656a} - E:\.\Setup.exe AUTORUN=1 HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {5cf96507-568b-11e3-be35-74de2b03ec9f} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {653351a5-b6e3-11e3-8a86-b870f43d656a} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {65740e1f-adcd-11e3-92ea-b870f43d656a} - E:\AutoRun.exe HKU\S-1-5-21-769514679-1109052257-2407649337-1001\...\MountPoints2: {e87004ee-acee-11e3-ba33-b870f43d656a} - E:\AutoRun.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = 
hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dvd_14_13_ff&cd=2XzuyEtN2Y1L1Qzu0BzzyBtD0FyEtA0DyCyDyC0AtD0C0FyDtN0D0Tzu0SzztCzztN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StC0B0EtDzyyCyBtDtGtBtD0FtCtG0BtC0A0DtGzy0FzyyDtGtBtB0EzyyD0C0FyCtA0CyCtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtBzyyDyD0AtCyDtG0FzztCtBtGyEyCyDtCtG0F0A0C0DtGyE0E0DyCtCtB0C0A0B0CyByD2Q&cr=678683539&ir= BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) 
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\..\Interfaces\{CDF6AAD0-7678-4B1D-8F45-C70013C24A25}: [NameServer]212.23.115.84 212.23.115.148 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default FF SearchEngineOrder.1: Google FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF 
Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WEB.DE MailCheck - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\Extensions\toolbar@web.de.xpi [2014-04-14] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ Chrome: ======= CHR HomePage: chrome://newtab CHR RestoreOnStartup: "hxxp://www.giga.de/software/" ==================== Services (Whitelisted) ================= R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] () R2 ALDITALKVerbindungsassistent_Service; C:\Program Files 
(x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-11-22] () R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-11-29] (Advanced Micro Devices, Inc.) R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices) R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2013-11-22] (The OpenVPN Project) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.) 
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.) R3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.) U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-12-05] (Seiko Epson Corporation) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] U2 CLKMSVC10_3A60B698; U2 CLKMSVC10_C3B3B687; U2 DriverService; U2 IAStorDataMgrSvc; U2 idealife Update Service; U3 IGRS; U2 IviRegMgr; U2 nvUpdatusService; U2 Oasis2Service; U2 PCCarerServic; U2 ReadyComm.DirectRouter; U2 RichVideo; U2 RtLedService; U2 SoftwareService; U2 Stereo Service; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-24 19:14 - 2014-05-24 19:14 - 00036348 _____ () C:\Users\User\Desktop\FRST.txt 2014-05-24 15:03 - 2014-05-24 16:29 - 00000112 _____ () C:\windows\setupact.log 2014-05-24 15:03 - 2014-05-24 15:03 - 00000000 _____ () C:\windows\setuperr.log 2014-05-23 19:38 - 2014-05-23 20:09 - 69964709 _____ (AVG) C:\Users\User\Downloads\avg_tuh_stf_all_2014_423_24c4.exe.part 2014-05-23 17:24 - 2014-05-23 17:24 - 00003030 _____ () C:\windows\System32\Tasks\{0C28A62E-8130-4E75-AD5E-792F88984A0E} 2014-05-23 17:05 - 2014-05-23 17:05 - 00003030 _____ () C:\windows\System32\Tasks\{E3A71512-3D4C-47E7-A903-F9423DA8B658} 2014-05-22 19:08 - 2014-05-23 17:15 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live 2014-05-18 08:49 - 2014-05-18 08:49 - 00017978 _____ () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt.htm 2014-05-18 08:49 - 2014-05-18 08:49 - 00000000 ____D () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt-Dateien 2014-05-15 06:48 - 2014-05-15 06:48 - 00002962 _____ () 
C:\windows\System32\Tasks\{E7EC90D4-9B09-46E3-9C2C-8717417F45D0} 2014-05-14 20:29 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-05-14 20:29 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-14 20:29 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-14 20:29 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-14 20:29 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-14 20:29 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-05-14 19:50 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-14 19:50 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-14 19:50 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2014-05-14 19:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2014-05-14 19:48 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2014-05-14 19:48 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2014-05-14 19:48 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2014-05-14 19:48 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2014-05-14 19:48 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2014-05-14 19:48 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2014-05-14 19:48 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2014-05-14 19:48 - 2014-04-12 04:12 - 00022016 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\secur32.dll 2014-05-14 19:48 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2014-05-14 19:48 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2014-05-14 19:48 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2014-05-14 19:48 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2014-05-14 19:48 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2014-05-14 19:48 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2014-05-14 19:48 - 2014-03-04 11:20 - 03969984 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2014-05-14 19:48 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2014-05-14 19:48 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2014-05-14 19:48 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2014-05-14 19:48 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys 2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgldx64.sys 2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys 2014-05-10 19:12 - 2014-05-10 19:12 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk 2014-05-10 19:12 - 2014-05-10 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-10 19:10 - 2014-05-24 19:15 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-10 19:10 - 2014-05-24 19:15 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-10 19:10 - 2014-05-10 19:11 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-10 19:10 - 2014-05-10 19:10 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-10 19:10 - 2014-05-10 19:10 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-10 19:07 - 2014-05-10 19:07 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AnyBurn - CHIP-Downloader.exe 2014-05-10 19:06 - 2014-05-10 19:06 - 02090704 _____ (SharpNight Co,Ltd ) C:\Users\User\Downloads\7data-ar.exe 2014-05-10 19:00 - 2014-05-10 19:01 - 08267997 _____ () C:\Users\User\Downloads\gsmartcontrol-0.8.7.exe 2014-05-10 16:35 - 2014-05-11 08:31 - 00918672 _____ (Google Inc.) 
C:\Users\User\Downloads\GoogleEarthSetup.exe 2014-05-06 20:50 - 2014-05-14 21:39 - 00000000 ___SD () C:\windows\system32\CompatTel ==================== One Month Modified Files and Folders ======= 2014-05-24 19:18 - 2014-02-16 13:41 - 00000000 ____D () C:\FRST 2014-05-24 19:17 - 2014-01-19 14:03 - 00000000 ____D () C:\ProgramData\MFAData 2014-05-24 19:16 - 2013-11-25 07:06 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-05-24 19:15 - 2014-05-10 19:10 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-24 19:15 - 2014-05-10 19:10 - 00001102 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-24 19:14 - 2014-05-24 19:14 - 00036348 _____ () C:\Users\User\Desktop\FRST.txt 2014-05-24 18:28 - 2013-11-22 20:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\ALDITALKVerbindungsassistent 2014-05-24 18:28 - 2013-11-18 14:11 - 01166209 _____ () C:\windows\WindowsUpdate.log 2014-05-24 16:32 - 2013-11-18 21:26 - 00699552 _____ () C:\windows\system32\perfh007.dat 2014-05-24 16:32 - 2013-11-18 21:26 - 00149660 _____ () C:\windows\system32\perfc007.dat 2014-05-24 16:32 - 2009-07-14 07:13 - 01620152 _____ () C:\windows\system32\PerfStringBackup.INI 2014-05-24 16:29 - 2014-05-24 15:03 - 00000112 _____ () C:\windows\setupact.log 2014-05-24 15:11 - 2009-07-14 06:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-24 15:11 - 2009-07-14 06:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-24 15:03 - 2014-05-24 15:03 - 00000000 _____ () C:\windows\setuperr.log 2014-05-24 15:03 - 2014-03-18 10:33 - 00000262 _____ () C:\windows\Tasks\StartupStar Firewall.job 2014-05-24 15:03 - 2013-11-18 14:59 - 00537706 _____ () C:\windows\system32\fastboot.set 2014-05-24 15:03 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-05-24 08:43 - 2013-11-23 08:13 - 03586704 
_____ () C:\windows\system32\PsBoot.log 2014-05-24 08:43 - 2013-11-23 08:13 - 00905986 _____ () C:\windows\system32\defragLog.log 2014-05-23 21:57 - 2013-12-20 23:18 - 00000000 ____D () C:\Users\User\Documents\Annabell 2014-05-23 20:09 - 2014-05-23 19:38 - 69964709 _____ (AVG) C:\Users\User\Downloads\avg_tuh_stf_all_2014_423_24c4.exe.part 2014-05-23 17:44 - 2014-03-18 10:33 - 00000000 ____D () C:\Users\User\AppData\Local\Abelssoft 2014-05-23 17:44 - 2013-11-18 15:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2014-05-23 17:44 - 2009-07-29 09:23 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-05-23 17:44 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration 2014-05-23 17:24 - 2014-05-23 17:24 - 00003030 _____ () C:\windows\System32\Tasks\{0C28A62E-8130-4E75-AD5E-792F88984A0E} 2014-05-23 17:15 - 2014-05-22 19:08 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live 2014-05-23 17:05 - 2014-05-23 17:05 - 00003030 _____ () C:\windows\System32\Tasks\{E3A71512-3D4C-47E7-A903-F9423DA8B658} 2014-05-23 16:33 - 2014-03-16 11:54 - 00000420 _____ () C:\windows\Tasks\One-Click Optimizer.job 2014-05-22 13:13 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF 2014-05-22 13:06 - 2014-03-29 02:45 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-22 12:28 - 2009-07-14 06:45 - 00460208 _____ () C:\windows\system32\FNTCACHE.DAT 2014-05-22 11:40 - 2014-03-31 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-05-22 11:40 - 2014-01-19 14:07 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-05-19 09:54 - 2013-12-29 23:16 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-18 08:49 - 2014-05-18 08:49 - 00017978 _____ () C:\Users\User\Downloads\Ideen Innenausbau Vorzelt.htm 2014-05-18 08:49 - 2014-05-18 08:49 - 00000000 ____D () C:\Users\User\Downloads\Ideen 
Innenausbau Vorzelt-Dateien 2014-05-15 06:48 - 2014-05-15 06:48 - 00002962 _____ () C:\windows\System32\Tasks\{E7EC90D4-9B09-46E3-9C2C-8717417F45D0} 2014-05-14 21:44 - 2013-11-18 15:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-14 21:44 - 2013-11-18 15:02 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-14 21:39 - 2014-05-06 20:50 - 00000000 ___SD () C:\windows\system32\CompatTel 2014-05-14 20:32 - 2013-12-18 15:33 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-05-14 20:25 - 2013-11-22 22:48 - 00000000 ____D () C:\windows\system32\MRT 2014-05-14 20:21 - 2013-11-22 22:48 - 93223848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-05-13 21:18 - 2013-11-25 07:06 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-05-13 21:18 - 2013-11-25 07:06 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-13 21:18 - 2013-11-25 07:06 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys 2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys 2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys 2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) 
C:\windows\system32\Drivers\avgidsdrivera.sys 2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys 2014-05-11 08:31 - 2014-05-10 16:35 - 00918672 _____ (Google Inc.) C:\Users\User\Downloads\GoogleEarthSetup.exe 2014-05-10 19:12 - 2014-05-10 19:12 - 00002212 _____ () C:\Users\Public\Desktop\Google Earth.lnk 2014-05-10 19:12 - 2014-05-10 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-10 19:12 - 2013-11-29 21:47 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2014-05-10 19:11 - 2014-05-10 19:10 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-10 19:10 - 2014-05-10 19:10 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-10 19:10 - 2014-05-10 19:10 - 00003850 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-10 19:07 - 2014-05-10 19:07 - 00629584 _____ (Chip Digital GmbH) C:\Users\User\Downloads\AnyBurn - CHIP-Downloader.exe 2014-05-10 19:06 - 2014-05-10 19:06 - 02090704 _____ (SharpNight Co,Ltd ) C:\Users\User\Downloads\7data-ar.exe 2014-05-10 19:01 - 2014-05-10 19:00 - 08267997 _____ () C:\Users\User\Downloads\gsmartcontrol-0.8.7.exe 2014-05-10 00:17 - 2014-02-15 02:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-09 08:14 - 2014-05-14 19:50 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-14 19:50 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2014-05-08 07:45 - 2014-03-29 02:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-08 07:45 - 2014-03-29 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-08 07:45 - 2014-03-29 02:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-06 06:40 - 2014-05-14 20:29 - 23544320 _____ (Microsoft Corporation) 
C:\windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-14 20:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-14 20:29 - 17382912 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-14 20:29 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-14 20:29 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-14 20:29 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\User\AppData\Local\Temp\ResetDevice.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-25 22:08 ==================== End Of Log ============================ --- --- --- |
25.05.2014, 18:23 | #4 |
/// the machine /// TB Trainer | Screen freezes, uploading takes forever Addition.txt is still missing
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
26.05.2014, 20:04 | #5 |
| Screen freezes, uploading takes forever sorry Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02 Ran by User at 2014-05-26 20:59:55 Running from C:\Users\User\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) ALDI TALK Verbindungsassistent (HKLM-x32\...\ALDITALKVerbindungsassistent) (Version: - ALDI TALK Verbindungsassistent) Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) AMD Fuel (Version: 2010.1129.1139.20817 - Ihr Firmenname) Hidden Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 2014 v.1.0.0 (HKLM-x32\...\{4209F371-99CD-68CB-1C29-9910F8F9BD96}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.33 - Atheros Communications Inc.) ATI AVIVO64 Codecs (Version: 11.6.0.51129 - ATI Technologies Inc.) 
Hidden ATI Catalyst Install Manager (HKLM\...\{9AEE3659-C7CE-D3E7-8161-0D616D9EB260}) (Version: 3.0.800.0 - ATI Technologies, Inc.) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies) AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.1129.1139.20817 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.1129.1139.20817 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.1129.1139.20817 - ATI) Hidden Catalyst Control Center Profiles Mobile (x32 Version: 2010.1129.1139.20817 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Czech (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Danish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help English (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help French (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help German (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Greek (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Italian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Korean (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Polish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Russian (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Spanish (x32 Version: 
2010.1129.1138.20817 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.1129.1138.20817 - ATI) Hidden CCC Help Thai (x32 Version: 2010.1129.1138.20817 - ATI) Hidden ccc-core-static (x32 Version: 2010.1129.1139.20817 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2010.1129.1139.20817 - ATI) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.46.0.50 - Conexant) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft) Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.5 - Lenovo) Energy Management (x32 Version: 6.0.1.5 - Lenovo) Hidden EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON) EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden Epson Benutzerhandbuch WF-2510 Series (HKLM-x32\...\WF-2510 Series Useg) (Version: - ) Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - ) Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION) EPSON File Manager (HKLM-x32\...\{D02F30FB-0BC4-419A-9B9C-ADC610029B50}) (Version: 1.3.2.0 - ) Epson Netzwerkhandbuch WF-2510 Series (HKLM-x32\...\WF-2510 Series Netg) (Version: - ) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko 
Epson Corporation) EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - ) EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) Free Audio Converter version 5.0.32.1230 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.) Free MP3 Converter (HKLM-x32\...\Free MP3 Converter_is1) (Version: - EIPC) Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft) Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden Lenovo PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2318.52 - CyberLink Corp.) Lenovo PowerDVD 10 (x32 Version: 10.0.2318.52 - CyberLink Corp.) Hidden Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.) Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) 
Hidden Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden 
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - 
Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PowerXpressHybrid (x32 Version: 1.00.0000 - ATI) Hidden Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden StartupStar (HKLM-x32\...\{C8A6121E-BE35-418D-91EF-A9536DA70B36}_is1) (Version: 6.1 - Abelssoft) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft 
InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 
32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition 
(HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) VIS (HKLM-x32\...\VIS) (Version: - ) <==== ATTENTION Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 
15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {16B0C564-AC55-4AC7-A0DC-08FE4B61A596} - System32\Tasks\System Speedup => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe Task: {27F4D992-7D67-4BFC-A758-02C3E550768A} - System32\Tasks\{236E1664-5506-4B0C-92B8-00370A6EFE56} => Firefox.exe Task: {280D4595-05B8-4330-A375-5E6F7FF5A1EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.) Task: {34FBFD8E-7777-49B5-B9F9-7D26648722B1} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe [2013-12-18] (Ashampoo Development GmbH & Co. 
KG)
Task: {35FA6C9D-A751-47F6-9543-B3F69F5B1C92} - \MySearchDial No Task File <==== ATTENTION
Task: {4DB0305C-7485-41C3-97A1-50861330F205} - System32\Tasks\{0C28A62E-8130-4E75-AD5E-792F88984A0E} => C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe [2013-11-22] ()
Task: {6B5EF4BE-B91E-4BF1-8D49-A6F70D1BCBA9} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: {6E6E8677-4B8D-46C9-83A1-FE8CC4E9C2F8} - \System Speedup_DEFAULT No Task File <==== ATTENTION
Task: {8D6504AF-2D29-4A3E-A719-E28CE7630394} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {904C9182-5B83-49C3-9D92-6D0045D4B850} - System32\Tasks\StartupStar Firewall => C:\Program Files (x86)\StartupStar\StartupStar.exe [2014-01-30] (Ascora GmbH)
Task: {9D9E50B7-44B5-43A8-8081-7A889008081D} - System32\Tasks\{F5A4EA52-F3E2-4D2A-A1E4-537D1066816B} => C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe [2013-11-22] ()
Task: {AF5DC9FF-7F08-4F4B-8630-46403C40EB00} - \System Speedup_UPDATES No Task File <==== ATTENTION
Task: {C034590B-9EAD-4187-BA73-27BD91445E7A} - System32\Tasks\Games\UpdateCheck_S-1-5-21-769514679-1109052257-2407649337-1001
Task: {C7502942-74F3-47D7-8EBA-538188FA65BD} - System32\Tasks\{E3A71512-3D4C-47E7-A903-F9423DA8B658} => C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe [2013-11-22] ()
Task: {C7A7F46F-BC35-49EE-B2F7-69116715912A} - System32\Tasks\{E7EC90D4-9B09-46E3-9C2C-8717417F45D0} => Firefox.exe
Task: {D0015260-D497-474C-8688-22138C71DAD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.)
Task: {F77D689F-F513-4A0F-9F6B-6DA986902247} - \RegClean Pro No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2014\WO2014.exe
Task: C:\windows\Tasks\StartupStar Firewall.job => C:\Program Files (x86)\StartupStar\StartupStar.exe

==================== Loaded Modules (whitelisted) =============

2014-03-16 12:49 - 2012-07-30 10:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2013-11-22 20:30 - 2013-11-22 20:30 - 00358968 _____ () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2010-11-29 13:50 - 2010-11-29 13:50 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2010-11-29 13:50 - 2010-11-29 13:50 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2008-12-20 05:20 - 2013-11-18 14:57 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2013-11-18 14:57 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2014-03-18 10:32 - 2014-01-30 19:31 - 00053024 _____ () C:\Program Files (x86)\StartupStar\AbSettings.dll
2014-03-18 10:32 - 2014-01-30 19:31 - 01398560 _____ () C:\Program Files (x86)\StartupStar\AbGui.dll
2014-03-18 10:32 - 2014-01-30 19:31 - 00014112 _____ () C:\Program Files (x86)\StartupStar\AbAutostartManager.dll
2014-03-18 10:32 - 2014-01-30 19:31 - 00040736 _____ () C:\Program Files (x86)\StartupStar\AbApi.dll
2014-03-18 10:32 - 2014-01-30 19:31 - 00040224 _____ () C:\Program Files (x86)\StartupStar\StartupLogic.dll
2014-02-15 02:55 - 2014-05-10 00:17 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2014 03:23:39 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/24/2014 11:45:07 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/24/2014 09:34:56 AM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 10:29:00 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 05:47:45 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Wiederherstellungsvorgang). Zusätzliche Informationen: 0x80070005.

Error: (05/23/2014 05:42:13 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 05:34:48 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Windows Update). Zusätzliche Informationen: 0x8000ffff.

Error: (05/23/2014 05:27:50 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 05:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe, Version: 0.0.0.0, Zeitstempel: 0x51f27d23
Name des fehlerhaften Moduls: ALDITALKVerbindungsassistent.exe, Version: 0.0.0.0, Zeitstempel: 0x51f27d23
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00117277
ID des fehlerhaften Prozesses: 0x1194
Startzeit der fehlerhaften Anwendung: 0xALDITALKVerbindungsassistent.exe0
Pfad der fehlerhaften Anwendung: ALDITALKVerbindungsassistent.exe1
Pfad des fehlerhaften Moduls: ALDITALKVerbindungsassistent.exe2
Berichtskennung: ALDITALKVerbindungsassistent.exe3

Error: (05/22/2014 09:45:45 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

System errors:
=============
Error: (05/25/2014 09:44:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ehSched erreicht.

Error: (05/24/2014 03:03:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.05.2014 um 15:00:50 unerwartet heruntergefahren.

Error: (05/24/2014 02:39:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.05.2014 um 14:36:45 unerwartet heruntergefahren.

Error: (05/24/2014 08:43:30 AM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (05/23/2014 06:09:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 23.05.2014 um 18:06:54 unerwartet heruntergefahren.

Error: (05/19/2014 08:29:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.05.2014 um 08:25:32 unerwartet heruntergefahren.

Error: (05/15/2014 07:09:09 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B4DFE3D1-2226-4B82-AB3C-8E0AA3D6185E}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/14/2014 07:30:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (05/14/2014 07:30:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.

Error: (05/13/2014 05:41:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B4DFE3D1-2226-4B82-AB3C-8E0AA3D6185E}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Microsoft Office Sessions:
=========================
Error: (05/25/2014 03:23:39 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/24/2014 11:45:07 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/24/2014 09:34:56 AM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 10:29:00 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 05:47:45 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Wiederherstellungsvorgang0x80070005

Error: (05/23/2014 05:42:13 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 05:34:48 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Windows Update0x8000ffff

Error: (05/23/2014 05:27:50 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

Error: (05/23/2014 05:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ALDITALKVerbindungsassistent.exe0.0.0.051f27d23ALDITALKVerbindungsassistent.exe0.0.0.051f27d23c00000fd00117277119401cf768dea63d571C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exeC:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent.exe4d487913-e28b-11e3-a0c2-b870f43d656a

Error: (05/22/2014 09:45:45 PM) (Source: AHDDC2_Service.exe) (EventID: 0) (User: )
Description: Cannot terminate an externally created thread

CodeIntegrity Errors:
===================================
Date: 2014-02-17 16:15:18.762
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-02-17 16:15:17.972
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 5738.9 MB
Available physical RAM: 4160.63 MB
Total Pagefile: 11475.98 MB
Available Pagefile: 9742.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:254.14 GB) (Free:203.57 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: F761340D)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

==================== End Of Log ============================ |
27.05.2014, 18:08 | #6 |
/// the machine /// TB Trainer | Screen freezes, loading takes forever hi, Scan with ComboFix |
27.05.2014, 20:22 | #7 |
| Screen freezes, loading takes forever Hello Schrauber, I was able to download ComboFix and save it to the desktop, but when I clicked the icon, a small window opened with a green bar across the top. In the window, files were deleted and decompr..?? but nothing more happened; when I clicked the icon again, only the window mentioned above opened again... so no exe that I could have clicked, and no text that I could paste here now. I deactivated the antivirus and firewall after downloading ComboFix, before starting it... ??? |
28.05.2014, 12:23 | #8 |
/// the machine /// TB Trainer | Screen freezes, loading takes forever Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
and a fresh FRST log please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
30.05.2014, 06:38 | #9 |
| Screen freezes, loading takes forever Hello Schrauber, I keep having massive problems, whether it is opening the downloads or letting the scanners run through, and when it finally works on the umpteenth attempt, the laptop keeps freezing when I try to paste the texts here... However, I have now also seen that the CPU load is at 100% again and again whenever everything "hangs"... Does that also have to do with the "infection" by something???? I am slowly despairing.... I'll try again in a moment to paste the logs here... Code:
# AdwCleaner v3.211 - Bericht erstellt am 29/05/2014 um 22:35:35
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Desktop\adwcleaner_3.211.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fqv36ojr.default\prefs.js ]

-\\ Google Chrome v

[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6612 octets] - [20/02/2014 22:48:27]
AdwCleaner[R1].txt - [4109 octets] - [29/03/2014 03:37:11]
AdwCleaner[R2].txt - [2297 octets] - [29/05/2014 22:30:14]
AdwCleaner[R3].txt - [2089 octets] - [29/05/2014 22:35:35]
AdwCleaner[S0].txt - [6117 octets] - [20/02/2014 22:53:12]
AdwCleaner[S1].txt - [3997 octets] - [29/03/2014 03:41:22]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [2269 octets] ##########
Code:
<?xml version="1.0" encoding="UTF-16"?>
<mbam-log>
  <header>
    <date>2014/05/29 17:00:11 +0200</date>
    <logfile>mbam-log-2014-05-29 (17-00-11).xml</logfile>
    <isadmin>yes</isadmin>
  </header>
  <engine>
    <version>2.00.2.1012</version>
    <malware-database>v2014.05.29.06</malware-database>
    <rootkit-database>v2014.05.21.01</rootkit-database>
    <license>free</license>
    <file-protection>disabled</file-protection>
    <web-protection>disabled</web-protection>
    <self-protection>disabled</self-protection>
  </engine>
  <system>
    <osversion>Windows 7 Service Pack 1</osversion>
    <arch>x64</arch>
    <username>User</username>
    <filesys>NTFS</filesys>
  </system>
  <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>295620</objects>
    <time>1633</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>0</keys>
    <values>0</values>
    <datas>0</datas>
    <folders>0</folders>
    <files>0</files>
    <sectors>0</sectors>
  </summary>
  <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>disabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>warn</pup>
    <pum>enabled</pum>
  </options>
  <items>
  </items>
</mbam-log>
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 29.05.2014 at 23:48:58,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\fqv36ojr.default\minidumps [79 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.05.2014 at 0:11:20,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
30.05.2014, 22:12 | #10 |
/// the machine /// TB Trainer | Screen freezes, loading takes forever ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log please. Any problems left? |
31.05.2014, 19:37 | #11 |
| Screen freezes, loading takes forever Sorry, I'm slowly losing it... everything constantly hangs, windows open several times over and can no longer be closed.... then for quite a while nothing works at all again... then sometimes I can't even shut the computer down any more... I then simply leave it and look again the next day, etc. It really makes me want to puxxxxxe!!! Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
Does that also have to do with the "infection" by something???? I am slowly despairing.... Code:
Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
AVG Internet Security 2014
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 13.0.0.214
Adobe Reader XI
Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log`````````````````````` |
01.06.2014, 14:15 | #12 |
/// the machine /// TB Trainer | Screen freezes, loading takes forever Update Java. The fresh FRST log is missing. Install Process Explorer as a replacement for the Windows Task Manager Download Process Explorer as a replacement for the Task Manager and install it; you will find instructions here. It is a considerably more powerful replacement for the Windows Task Manager. In the menu under "Options" you can set Process Explorer up permanently as the replacement for the Task Manager (Replace Taskmanager). This is highly recommended because Process Explorer has considerably more functions than the Task Manager. Once you have made this setting, the key combination CTRL + ALT + DEL no longer opens the Task Manager but Process Explorer. This can be undone at any time by unticking the setting. What we need specifically now: Each row shows one process; a few of the rows are not real processes but only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of information about the processes are displayed. In it, go to the "Process Performance" tab and make sure that "CPU Usage" is ticked there; "CPU History" would also be useful. "CPU Usage" shows the current processor load for each process (the column header just says "CPU"), and "CPU History" shows a graph for each process with a curve of its processor load over the recent period. This should allow you to identify which process is keeping your CPU busy. Double-click the process. You can also take a screenshot of the whole thing and upload it as an attachment with your reply (click "Erweitert" (Advanced) below the text field, browse your computer via "Anhänge verwalten" (Manage attachments) and attach it via "Hochladen" (Upload)). |
03.06.2014, 07:30 | #13 |
| Screen freezes, loading takes forever Hello Schrauber, in the meantime things are okay again with the loading of pages and the freezing.... It got better after the last check run... However, it still happens that when I open a new window, the current, newly opened one shrinks in a flash and the previous one pops up large again... I don't really know how else to describe it... If you don't understand it, please let me know so that I can try again to describe this process. In addition, at the top right of the window, where the three symbols for minimize, full screen or close are, there is only a black field. So when I want to carry out one of these actions, I click "blindly" into the "black" to do it.... And as for Process Explorer: I downloaded it and also set those check marks, but how do I create this screenshot for you???? Sorry, banging my head... And how can one, despite AVG and co., permanently prevent such problems in future? Many THANKS |
03.06.2014, 07:34 | #14 |
| Screen freezes, loading takes forever Code:
Process CPU Private Bytes Working Set PID Description Company Name CPU History
System Idle Process 43.20 0 K 24 K 0
System 0.37 440 K 4.528 K 4
Interrupts 1.48 0 K 0 K n/a Hardware Interrupts and DPCs
smss.exe 452 K 1.092 K 276
avgrsa.exe < 0.01 35.488 K 46.780 K 364
avgcsrva.exe 5.756 K 7.376 K 424
csrss.exe < 0.01 2.120 K 4.332 K 660
wininit.exe 1.488 K 4.400 K 720
services.exe 5.344 K 9.000 K 780
svchost.exe 0.01 5.068 K 10.200 K 936 Hostprozess für Windows-Dienste Microsoft Corporation
unsecapp.exe 1.540 K 4.880 K 3060
WmiPrvSE.exe 0.07 6.584 K 10.880 K 2776
dllhost.exe 2.404 K 6.996 K 656
svchost.exe 4.816 K 8.704 K 1020 Hostprozess für Windows-Dienste Microsoft Corporation
atiesrxx.exe 1.476 K 4.168 K 316 AMD External Events Service Module AMD
atieclxx.exe 2.344 K 6.600 K 1256
svchost.exe 0.02 21.196 K 23.640 K 892 Hostprozess für Windows-Dienste Microsoft Corporation
svchost.exe < 0.01 11.140 K 23.012 K 1032 Hostprozess für Windows-Dienste Microsoft Corporation
dwm.exe 0.84 33.032 K 33.792 K 1864 Desktopfenster-Manager Microsoft Corporation
svchost.exe < 0.01 11.752 K 24.040 K 1060 Hostprozess für Windows-Dienste Microsoft Corporation
svchost.exe 0.09 35.724 K 53.448 K 1084 Hostprozess für Windows-Dienste Microsoft Corporation
taskeng.exe 2.264 K 6.388 K 3532 Aufgabenplanungsmodul Microsoft Corporation
YCMMirage.exe < 0.01 1.716 K 5.728 K 3564 YouCam Mirage CyberLink
svchost.exe < 0.01 17.976 K 20.692 K 1304 Hostprozess für Windows-Dienste Microsoft Corporation
spoolsv.exe 7.460 K 12.816 K 1524 Spoolersubsystem-Anwendung Microsoft Corporation
svchost.exe 12.332 K 14.676 K 1560 Hostprozess für Windows-Dienste Microsoft Corporation
taskhost.exe < 0.01 13.344 K 14.532 K 1688 Hostprozess für Windows-Aufgaben Microsoft Corporation
armsvc.exe 1.156 K 3.836 K 1840 Adobe Acrobat Update Service Adobe Systems Incorporated
AHDDC2_Service.exe 0.02 6.488 K 10.152 K 1956
ALDITALKVerbindungsassistent_Service.exe 2.460 K 7.040 K 1296
AMD Reservation Manager.exe 1.328 K 4.044 K 1780 RM Application Advanced Micro Devices
avgfws.exe 6.664 K 17.584 K 1612 AVG Firewall Service AVG Technologies CZ, s.r.o.
avgidsagent.exe < 0.01 13.928 K 27.616 K 2064 AVG Identity Protection Service AVG Technologies CZ, s.r.o.
avgwdsvc.exe 0.03 12.484 K 24.700 K 2200 AVG Watchdog Service AVG Technologies CZ, s.r.o.
avgnsa.exe 3.868 K 8.992 K 2952
avgemca.exe 1.972 K 6.660 K 836
svchost.exe 2.228 K 6.340 K 2332 Hostprozess für Windows-Dienste Microsoft Corporation
Fuel.Service.exe 5.224 K 10.440 K 2404 Fusion Utility-Dienst Advanced Micro Devices, Inc.
escsvc64.exe 1.580 K 4.988 K 2576 Epson Scanner Service (64bit) Seiko Epson Corporation
PresentationFontCache.exe 27.416 K 19.880 K 3080 PresentationFontCache.exe Microsoft Corporation
svchost.exe < 0.01 7.412 K 13.800 K 972 Hostprozess für Windows-Dienste Microsoft Corporation
WLIDSVC.EXE 5.552 K 11.892 K 996
WLIDSVCM.EXE 1.212 K 3.208 K 3056
wmpnetwk.exe 0.01 14.400 K 15.532 K 1740 Windows Media Player-Netzwerkfreigabedienst Microsoft Corporation
svchost.exe 2.596 K 5.948 K 4164 Hostprozess für Windows-Dienste Microsoft Corporation
svchost.exe 11.136 K 14.420 K 388 Hostprozess für Windows-Dienste Microsoft Corporation
lsass.exe 0.01 5.996 K 14.012 K 832 Local Security Authority Process Microsoft Corporation
lsm.exe 2.668 K 4.388 K 848
csrss.exe 0.34 2.796 K 17.164 K 732
winlogon.exe 3.288 K 7.688 K 804
explorer.exe 0.07 56.260 K 79.828 K 1908 Windows-Explorer Microsoft Corporation
SynTPEnh.exe 0.94 9.180 K 14.744 K 1472 Synaptics TouchPad Enhancements Synaptics Incorporated
SynTPHelper.exe 1.188 K 3.236 K 3924
Energy Management.exe 6.512 K 11.508 K 2096 Lenovo Energy Management Software 6.0 Lenovo (Beijing) Limited
utility.exe 9.076 K 12.940 K 2104 Lenovo Battery Management Software Ver 6.0 Lenovo(beijing) Limited
AHDDC2_Guard.exe 0.06 9.544 K 14.780 K 2260 Ashampoo HDDControl Guard Ashampoo Development GmbH & Co. KG
procexp.exe 2.848 K 7.112 K 4540 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 2.22 26.636 K 42.756 K 5480 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
avgui.exe < 0.01 10.052 K 9.836 K 2560 AVG User Interface AVG Technologies CZ, s.r.o.
ctfmon.exe 2.096 K 4.432 K 3228 CTF-Ladeprogramm Microsoft Corporation
EEventManager.exe 0.02 3.352 K 9.668 K 2604 EEventManager Application SEIKO EPSON CORPORATION
MOM.exe 0.03 41.324 K 9.088 K 2656 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 0.03 103.760 K 7.972 K 3728 Catalyst Control Center: Host application ATI Technologies Inc.
GoogleCrashHandler.exe 1.516 K 1.160 K 2164
GoogleCrashHandler64.exe 1.684 K 1.080 K 2292
ALDITALKVerbindungsassistent_Launcher.exe < 0.01 23.460 K 31.012 K 4776
firefox.exe 50.13 557.476 K 606.024 K 4304 |
04.06.2014, 08:14 | #15 |
/// the machine /// TB Trainer | Screen freezes, loading takes forever No, I just wanted you to use Process Explorer to check whether the CPU shows any load at the moment when the computer is causing problems. Please post another fresh FRST log. |
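An added example, not part of the thread or of any tool mentioned in it: a small parser that ranks the rows of a saved Process Explorer listing by CPU load, so the process that is busy during a hang can be read off without a screenshot. It assumes the listing was saved as tab-separated text with the column names shown in post #14; the sample rows are copied from that post and re-delimited with tabs.

```python
import csv
import io

# Constructed sample: rows copied from the listing in post #14, re-delimited
# with tabs (assumed layout of a Process Explorer text save). Leading spaces
# stand for the indentation of the process tree.
SAMPLE = "\n".join([
    "Process\tCPU\tPrivate Bytes\tWorking Set\tPID\tDescription\tCompany Name",
    "System Idle Process\t43.20\t0 K\t24 K\t0\t\t",
    " System\t0.37\t440 K\t4.528 K\t4\t\t",
    "  Interrupts\t1.48\t0 K\t0 K\tn/a\tHardware Interrupts and DPCs\t",
    "  smss.exe\t\t452 K\t1.092 K\t276\t\t",
    "  avgrsa.exe\t< 0.01\t35.488 K\t46.780 K\t364\t\t",
    " dwm.exe\t0.84\t33.032 K\t33.792 K\t1864\tDesktopfenster-Manager\tMicrosoft Corporation",
    " procexp64.exe\t2.22\t26.636 K\t42.756 K\t5480\tSysinternals Process Explorer\t"
    "Sysinternals - www.sysinternals.com",
    " firefox.exe\t50.13\t557.476 K\t606.024 K\t4304\t\t",
])


def parse_cpu(text):
    """'50.13' -> 50.13; an empty cell or '< 0.01' counts as 0.0."""
    text = text.strip().replace(",", ".")  # accept a decimal comma as well
    if not text or text.startswith("<"):
        return 0.0
    return float(text)


def parse_kb(text):
    """'557.476 K' or '557,476 K' -> 557476 (the separator is a thousands mark)."""
    digits = "".join(ch for ch in text if ch.isdigit())
    return int(digits) if digits else 0


def parse_listing(text):
    """Turn the tab-separated listing into a list of dicts, one per row."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE)
    rows = []
    for rec in reader:
        pid = (rec.get("PID") or "").strip()
        rows.append({
            "name": (rec.get("Process") or "").strip(),
            "cpu": parse_cpu(rec.get("CPU") or ""),
            "private_kb": parse_kb(rec.get("Private Bytes") or ""),
            "working_set_kb": parse_kb(rec.get("Working Set") or ""),
            # Pseudo-processes such as "Interrupts" have "n/a" as PID.
            "pid": int(pid) if pid.isdigit() else None,
            "company": (rec.get("Company Name") or "").strip(),
        })
    return rows


def top_consumers(rows, n=5):
    """Rows sorted by CPU, highest first; the idle pseudo-process is skipped."""
    busy = [r for r in rows if r["name"] != "System Idle Process"]
    return sorted(busy, key=lambda r: r["cpu"], reverse=True)[:n]


if __name__ == "__main__":
    for row in top_consumers(parse_listing(SAMPLE), 3):
        print(f'{row["cpu"]:6.2f} %  {row["working_set_kb"]:>8} K  '
              f'PID {row["pid"]}  {row["name"]}')
```

A listing saved while the machine is hanging is the one worth ranking; a snapshot taken when everything runs normally says little about the freeze.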