Log analysis and evaluation: PC extremely slow - boots slowly (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

PC extremely slow - boots slowly

Good evening,

I have been having problems with my computer for quite some time. That is, it is very slow, and recently Internet connections also seem slowed down to me from time to time. Booting likewise takes what feels like an eternity. In addition, games no longer run as smoothly as they normally did.

A good three months ago I had already picked up something (unfortunately I can no longer say exactly what) on the computer, which automatically installed further things without any action on my part. At that point I had the problem that all browsers had a new start page. I then ran Malwarebytes and moved everything into quarantine. After that, all browsers except Google Chrome were OK again. Unfortunately that was a while ago, so I cannot provide any further information about it.

Since this now bothers me so much, I have already run a scan with AdwCleaner. I am attaching the log file. As a result, the start page in Chrome is now correct again as well.

I am asking for your help because I do not have enough knowledge myself to get the problem under control. I will of course answer further questions at any time.

GMER: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-11 19:00:35 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-7 SAMSUNG_HD154UI rev.1AG01118 1397,26GB Running: Gmer-19357.exe; Driver: C:\Users\Marcel\AppData\Local\Temp\pgddipow.sys ---- Kernel code sections - GMER 2.1 ---- .text C:\Windows\system32\DRIVERS\USBPORT.SYS!DllUnload fffff8800f228d8c 12 bytes {MOV RAX, 0xfffffa8007e992a0; JMP RAX} ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\wininit.exe[708] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\system32\winlogon.exe[756] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\system32\services.exe[804] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\system32\atiesrxx.exe[572] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\System32\svchost.exe[920] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\system32\svchost.exe[1044] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe[1072] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe[1236] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Windows\system32\svchost.exe[1420] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\Explorer.EXE[1780] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Windows\system32\taskhost.exe[1412] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Program 
Files\Realtek\Audio\HDA\RAVCpl64.exe[1860] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Program Files\System\O&O Software\Defrag 15\oodtray.exe[1816] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Program Files\Logitech Gaming Software\LCore.exe[1912] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2100] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\Ralink\Common\RaUI.exe[2176] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe[2264] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe[2384] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe[2392] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\GameTracker\GSInGameService.exe[2616] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\GameTracker\GSInGameService.exe[2616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000759c1465 2 bytes [9C, 75] .text C:\Program Files (x86)\GameTracker\GSInGameService.exe[2616] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759c14bb 2 bytes [9C, 75] .text ... * 2 .text C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000075858791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...] 
.text C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000759c1465 2 bytes [9C, 75] .text C:\Program Files\Internet\Avast5\AvastUI.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759c14bb 2 bytes [9C, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[2708] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe[2736] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1160] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073b11a22 2 bytes [B1, 73] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073b11ad0 2 bytes [B1, 73] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073b11b08 2 bytes [B1, 73] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073b11bba 2 bytes [B1, 73] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073b11bda 2 bytes [B1, 73] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000759c1465 2 bytes [9C, 75] .text C:\Windows\SysWOW64\PnkBstrA.exe[2540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759c14bb 2 bytes [9C, 75] .text ... 
* 2 .text C:\Program Files (x86)\Ralink\Common\RaRegistry.exe[2432] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!DispatchMessageW 000000007530787b 5 bytes JMP 000000016bd15450 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!DispatchMessageA 0000000075307bbb 5 bytes JMP 000000016bd15420 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!CreateWindowExW 0000000075308a29 5 bytes JMP 000000016bd15e30 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000075308e4e 5 bytes JMP 000000016bd155b0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!DestroyWindow 0000000075309a55 5 bytes JMP 000000016bd15580 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!CreateWindowExA 000000007530d22e 5 bytes JMP 000000016bd15cf0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!PeekMessageW 00000000753105ba 5 bytes JMP 000000016bd15770 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!ShowWindow 0000000075310dfb 5 bytes JMP 000000016bd15480 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!EndPaint 0000000075311341 5 bytes JMP 000000016bd15850 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!BeginPaint 0000000075311361 5 bytes JMP 000000016bd157f0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindowIndirect 00000000753128da 5 bytes JMP 000000016bd15c70 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetCursor 00000000753141f6 5 bytes JMP 000000016bd14f80 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!PeekMessageA 0000000075315f74 5 bytes JMP 000000016bd15710 .text 
C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!BringWindowToTop 0000000075317b3b 5 bytes JMP 000000016bd157d0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!AnimateWindow 000000007531b531 5 bytes JMP 000000016bd15620 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!UpdateLayeredWindow 000000007531ba4a 5 bytes JMP 000000016bd15ba0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!WindowFromPoint 000000007532ed12 5 bytes JMP 000000016bd14fa0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetCapture 000000007532ed56 5 bytes JMP 000000016bd156f0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 000000007532f170 5 bytes JMP 000000016bd156b0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\GDI32.dll!BitBlt 0000000075265ea6 5 bytes JMP 000000016bd14fd0 .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 00000000759c1465 2 bytes [9C, 75] .text C:\PROGRA~2\Raptr\raptr.exe[912] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000759c14bb 2 bytes [9C, 75] .text ... 
* 2 .text C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe[3444] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe[3992] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe[4092] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\PROGRA~2\Raptr\raptr_im.exe[4116] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\PROGRA~2\Raptr\raptr_im.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000759c1465 2 bytes [9C, 75] .text C:\PROGRA~2\Raptr\raptr_im.exe[4116] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000759c14bb 2 bytes [9C, 75] .text ... * 2 .text C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe[4624] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Program Files (x86)\Nero\Update\NASvc.exe[4052] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] .text C:\Windows\system32\svchost.exe[2232] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189 000000007743ef8d 1 byte [62] .text C:\Users\Marcel\Desktop\Gmer-19357.exe[3896] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112 000000007587a2fd 1 byte [62] ---- Devices - GMER 2.1 ---- Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-6 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdePort4 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdePort0 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdeDeviceP5T0L0-7 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdePort5 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdePort1 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdePort2 fffffa80070542c0 Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 fffffa80070542c0 Device 
\Driver\atapi \Device\Ide\IdePort3 fffffa80070542c0 Device \Driver\aa14zslc \Device\Scsi\aa14zslc1Port6Path0Target0Lun0 fffffa8007f2c2c0 Device \Driver\aa14zslc \Device\Scsi\aa14zslc1 fffffa8007f2c2c0 Device \FileSystem\Ntfs \Ntfs fffffa800705a2c0 Device \Driver\usbehci \Device\USBFDO-7 fffffa8007ee02c0 Device \Driver\usbuhci \Device\USBPDO-5 fffffa8007ec02c0 Device \Driver\usbehci \Device\USBFDO-3 fffffa8007ee02c0 Device \Driver\usbuhci \Device\USBPDO-1 fffffa8007ec02c0 Device \Driver\USBSTOR \Device\0000009a fffffa8008c0f2c0 Device \Driver\cdrom \Device\CdRom0 fffffa8007c3f2c0 Device \Driver\dtsoftbus01 \Device\00000080 fffffa8007b912c0 Device \Driver\cdrom \Device\CdRom1 fffffa8007c3f2c0 Device \Driver\cdrom \Device\CdRom2 fffffa8007c3f2c0 Device \Driver\usbuhci \Device\USBPDO-6 fffffa8007ec02c0 Device \Driver\usbuhci \Device\USBFDO-4 fffffa8007ec02c0 Device \Driver\USBSTOR \Device\0000009b fffffa8008c0f2c0 Device \Driver\usbuhci \Device\USBFDO-0 fffffa8007ec02c0 Device \Driver\usbuhci \Device\USBPDO-2 fffffa8007ec02c0 Device \Driver\dtsoftbus01 \Device\DTSoftBusCtl fffffa8007b912c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{3A19D8A8-6D80-450C-A4F4-1B198B0C2248} fffffa8007d612c0 Device \Driver\usbehci \Device\USBPDO-7 fffffa8007ee02c0 Device \Driver\usbuhci \Device\USBFDO-5 fffffa8007ec02c0 Device \Driver\usbehci \Device\USBPDO-3 fffffa8007ee02c0 Device \Driver\usbuhci \Device\USBFDO-1 fffffa8007ec02c0 Device \Driver\USBSTOR \Device\00000096 fffffa8008c0f2c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{04E93810-C241-4A50-B31A-9732613B6D55} fffffa8007d612c0 Device \Driver\NetBT \Device\NetBt_Wins_Export fffffa8007d612c0 Device \Driver\usbuhci \Device\USBFDO-6 fffffa8007ec02c0 Device \Driver\usbuhci \Device\USBPDO-4 fffffa8007ec02c0 Device \Driver\atapi \Device\ScsiPort0 fffffa80070542c0 Device \Driver\usbuhci \Device\USBFDO-2 fffffa8007ec02c0 Device \Driver\NetBT \Device\NetBT_Tcpip_{8B2CDE5C-EF15-44F2-A3BB-9A91EAA6AC72} fffffa8007d612c0 Device \Driver\usbuhci 
\Device\USBPDO-0 fffffa8007ec02c0 Device \Driver\atapi \Device\ScsiPort1 fffffa80070542c0 Device \Driver\atapi \Device\ScsiPort2 fffffa80070542c0 Device \Driver\USBSTOR \Device\00000093 fffffa8008c0f2c0 Device \Driver\atapi \Device\ScsiPort3 fffffa80070542c0 Device \Driver\atapi \Device\ScsiPort4 fffffa80070542c0 Device \Driver\atapi \Device\ScsiPort5 fffffa80070542c0 Device \Driver\aa14zslc \Device\ScsiPort6 fffffa8007f2c2c0 ---- Trace I/O - GMER 2.1 ---- Trace ntoskrnl.exe CLASSPNP.SYS disk.sys Sahdad64.sys ACPI.sys >>UNKNOWN [0xfffffa80070542c0]<< sptd.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys fffffa80070542c0 Trace 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800781f060] fffffa800781f060 Trace 3 CLASSPNP.SYS[fffff88001b2243f] -> nt!IofCallDriver -> [0xfffffa8007688a20] fffffa8007688a20 Trace 5 Sahdad64.sys[fffff88001aade25] -> nt!IofCallDriver -> [0xfffffa800751d580] fffffa800751d580 Trace 7 ACPI.sys[fffff880011977a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-7[0xfffffa8007521060] fffffa8007521060 Trace \Driver\atapi[0xfffffa80074fc8e0] -> IRP_MJ_CREATE -> 0xfffffa80070542c0 fffffa80070542c0 ---- Modules - GMER 2.1 ---- Module \SystemRoot\System32\Drivers\aa14zslc.SYS (USB Mass Storage Class Driver/Microsoft Corporation SIGNED)(2011-04-29 20:29:52) fffff88007911000-fffff88007962000 (331776 bytes) ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCF 0x48 0x28 0xA6 ... 
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x2E 0xEA 0xBF 0x12 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xAB 0x85 0xB4 0xFA ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xCF 0x48 0x28 0xA6 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x2E 0xEA 0xBF 0x12 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xAB 0x85 0xB4 0xFA ... ---- EOF - GMER 2.1 ---- Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01 Ran by Marcel (administrator) on HOME on 11-08-2014 18:36:09 Running from C:\Users\Marcel\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (AVAST Software) C:\Program Files\Internet\Avast5\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (O&O Software GmbH) C:\Program Files\System\O&O Software\Defrag 15\oodtray.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Ralink Technology, Corp.) 
C:\Program Files (x86)\Ralink\Common\RaUI.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe (AVAST Software) C:\Program Files\Internet\Avast5\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (O&O Software GmbH) C:\Program Files\System\O&O Software\DriveLED\oodlag.exe (O&O Software GmbH) C:\Program Files\System\O&O Software\Defrag 15\oodag.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe (Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (CyberLink Corp.) C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Mozilla Corporation) C:\Program Files (x86)\Internet\Mozilla Firefox 3\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugin-container.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor) HKLM\...\Run: [OODefragTray] => C:\Program Files\System\O&O Software\Defrag 15\oodtray.exe [3998064 2012-06-06] (O&O Software GmbH) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Internet\Avast5\AvastUI.exe [4085896 2014-08-01] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) 
HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Run: [Wondershare Helper Compact.exe] => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe" HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-07-30] (Raptr, Inc) HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: G - G:\AutoRunCD.exe HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: H - H:\autorun.exe HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: K - K:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {089e7035-ff5d-11de-a98e-001d7da641eb} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {089e703c-ff5d-11de-a98e-001d7da641eb} - G:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {5c06a8ec-4219-11df-824d-001d7da641eb} - F:\pushinst.exe HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {ea1c07d2-c6f6-11e2-92ad-001d7da641eb} - I:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2598369041-3088188982-4083831754-1001\...\MountPoints2: {ed7af490-5425-11e3-b9d2-001d7da641eb} - K:\HTC_Sync_Manager_PC.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.) 
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Internet\Avast5\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * OODBS GroupPolicyUsers\S-1-5-21-2598369041-3088188982-4083831754-1004\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1B8194EA3F99CA01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program 
Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Internet\Avast5\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Internet\Avast5\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! 
Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM-x32 - T1 - {4180A6C9-26D0-4A15-A2CD-A24E3178E386} - C:\Program Files (x86)\System\Langenscheidt T1 6.0\Engine\Langenscheidt T1 6_0\mte\StdAlone\T1IE.dll (Comprendium Lingua GmbH.) DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default FF DefaultSearchEngine: Microsoft (Bing) FF SearchEngineOrder.1: Microsoft (Bing) FF SelectedSearchEngine: Microsoft (Bing) FF Homepage: hxxp://www.msn.com/?pc=AV01 FF Keyword.URL: hxxp://www.bing.com/search FF NetworkProxy: "backup.ftp", "hxxp://americanproxie.info/" FF NetworkProxy: "backup.ftp_port", 9666 FF NetworkProxy: "backup.socks", "hxxp://americanproxie.info/" FF NetworkProxy: "backup.socks_port", 9666 FF NetworkProxy: "backup.ssl", "hxxp://americanproxie.info/" FF NetworkProxy: "backup.ssl_port", 9666 FF NetworkProxy: "ftp", "hxxp://americanproxie.info/" FF NetworkProxy: "ftp_port", 66 FF NetworkProxy: "http", "hxxp://americanproxie.info/" FF NetworkProxy: "http_port", 66 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: 
"socks", "hxxp://americanproxie.info/" FF NetworkProxy: "socks_port", 66 FF NetworkProxy: "socks_remote_dns", true FF NetworkProxy: "ssl", "hxxp://americanproxie.info/" FF NetworkProxy: "ssl_port", 66 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\Medien\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Treiber\Canon Pixma MX870\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\Medien\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Foto+Video\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Marcel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Marcel\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF Plugin HKCU: electronicarts.com/GameFacePlugin -> C:\Users\Marcel\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF SearchPlugin: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\searchplugins\bing-avast.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\Extensions\ich@maltegoetz.de [2012-12-18]
FF Extension: Stylish - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9fd24iea.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2011-05-06]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-05-31]
FF HKLM-x32\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Marcel\AppData\Roaming\14001.006
FF Extension: Java Link Helper - C:\Users\Marcel\AppData\Roaming\14001.006 [2012-07-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Internet\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Internet\Avast5\WebRep\FF [2011-04-15]
FF HKCU\...\Firefox\Extensions: [{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}] - C:\Users\Marcel\AppData\Roaming\14001.006
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Marcel\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Marcel\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Marcel\AppData\Local\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Internet\Mozilla Firefox 3\plugins\npqtplugin7.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll No File
CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Foto+Video\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\Medien\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Treiber\Canon Pixma MX870\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Unity Player) - C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Marcel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (ProxyTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmbofoofebojccpdnfhnegmiifdgpfg [2012-01-07]
CHR Extension: (Google-Suche) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (Google Wallet) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (Google Mail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Internet\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [457200 2009-06-02] ()
R2 avast! Antivirus; C:\Program Files\Internet\Avast5\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
S4 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [39408 2010-09-13] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-03-14] (CyberLink Corp.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-12-03] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-12-03] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-05-20] (Creative Technology Ltd) [File not signed]
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-03-14] (CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-03-14] (CyberLink)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-02] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
R2 O&O DriveLED; C:\Program Files\System\O&O Software\DriveLED\oodlag.exe [610048 2009-09-28] (O&O Software GmbH)
R2 OODefragAgent; C:\Program Files\System\O&O Software\Defrag 15\oodag.exe [3293552 2012-06-06] (O&O Software GmbH)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-09] ()
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [619872 2010-12-31] ()
S3 RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [1099248 2010-07-16] (Sonic Solutions)
R2 S3D Service (Win32); C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe [360960 2010-03-18] (iZ3D Inc.) [File not signed]
R2 S3D Service (Win64); C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe [614400 2010-03-18] (iZ3D Inc.) [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [615936 2010-06-14] (Nokia) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X]

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASAPIW2K; C:\Windows\SysWOW64\drivers\Asapiw2k.sys [11264 2002-04-17] (VOB Computersysteme GmbH) [File not signed]
S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-03-04] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2009-03-20] (AVM Berlin)
S3 bfturboh; C:\Windows\SysWOW64\drivers\bfturboh.sys [17152 2008-02-12] (BUFFALO INC.) [File not signed]
S0 CLBStor; C:\Windows\SysWow64\Drivers\CLBStor.sys [10368 2008-10-20] (Cyberlink Co.,Ltd.) [File not signed]
S2 CLBUDFR; C:\Windows\SysWow64\Drivers\CLBUDFR.sys [154368 2008-10-20] (CyberLink Corporation.) [File not signed]
R2 cpuz133; C:\Windows\system32\drivers\cpuz133_x64.sys [20456 2010-03-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-12-11] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2009-03-20] (AVM GmbH)
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [13872 2004-06-11] (GEAR Software Inc.)
R1 iZ3DInjectionDriver; C:\Program Files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys [43704 2009-05-27] ()
S3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [44272 2013-01-17] (Logitech Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-03-04] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 MODEMCSA; C:\Windows\system32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
R0 OODrvled; C:\Windows\System32\DRIVERS\OODrvled.sys [30216 2009-09-28] (O&O Software GmbH)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1627520 2009-06-10] (NXP Semiconductors)
R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-01-21] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2008-02-18] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [41216 2008-02-18] (Saitek)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2013-12-11] (Duplex Secure Ltd.)
R0 tclondrv; C:\Windows\System32\DRIVERS\tclondrv.sys [26856 2012-02-24] (TuneClone Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [993280 2007-07-20] (C-Media Inc)
S3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\PowerDVD 12\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-02-16] (CyberLink Corp.)
U3 aa14zslc; C:\Windows\System32\Drivers\aa14zslc.sys [0 ] (Microsoft Corporation)
S3 Andbus; system32\DRIVERS\lgandbus64.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem64.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 AndNetGps; system32\DRIVERS\lgandnetgps64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis64.sys [X]
S3 ATICDSDr; \??\C:\Users\Marcel\AppData\Local\Temp\ATICDSDr.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S1 EIO64; system32\DRIVERS\EIO64.sys [X]
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 nmwcdcx64; system32\drivers\ccdcmbox64.sys [X]
S3 nmwcdx64; system32\drivers\ccdcmbx64.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x64\Sandra.sys [X]
S3 smserial; system32\DRIVERS\smserial.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltx64j.sys [X]
S3 zlportio; \??\G:\Software\Audio - Bearbeitung\Ultrastar\Ultrastar-Deluxe-100\zlportio.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 18:36 - 2014-08-11 18:37 - 00033653 _____ () C:\Users\Marcel\Desktop\FRST.txt
2014-08-11 18:35 - 2014-08-11 18:36 - 00000000 ____D () C:\FRST
2014-08-11 18:35 - 2014-08-11 18:35 - 00023528 _____ () C:\Users\Marcel\Desktop\AdwCleaner[S0].txt
2014-08-11 18:34 - 2014-08-11 18:34 - 02099712 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2014-08-11 18:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-11 18:03 - 2014-08-11 18:17 - 00000000 ____D () C:\AdwCleaner
2014-08-11 18:02 - 2014-08-11 18:02 - 01366203 _____ () C:\Users\Marcel\Downloads\adwcleaner_3.304.exe
2014-08-11 15:53 - 2014-08-11 15:53 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Marcel\Downloads\GPU-Z.0.7.8.exe
2014-08-11 15:35 - 2014-08-11 15:35 - 00000000 ____D () C:\ProgramData\ATI
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\library_dir
2014-08-11 15:30 - 2014-08-11 18:23 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Raptr
2014-08-11 15:30 - 2014-08-11 15:34 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-11 15:30 - 2014-08-11 15:30 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201408111530280893.log
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-11 15:25 - 2014-08-11 15:25 - 00000000 ____D () C:\Program Files\AMD
2014-08-11 15:21 - 2014-08-11 15:21 - 00000000 ____D () C:\AMD
2014-08-11 15:18 - 2014-08-11 15:20 - 00000000 ____D () C:\Users\Marcel\Desktop\Unsortiert
2014-08-11 01:01 - 2014-08-11 01:19 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\GameTracker
2014-08-11 01:01 - 2014-08-11 01:01 - 00001026 _____ () C:\Users\Marcel\Desktop\GameTracker Lite.lnk
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Program Files (x86)\GameTracker
2014-08-09 11:55 - 2014-08-09 11:55 - 00000529 _____ () C:\Users\Marcel\Desktop\Origin.lnk
2014-08-09 02:28 - 2014-08-09 02:28 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-07 17:46 - 2014-08-07 17:46 - 00001364 _____ () C:\Users\Marcel\Desktop\Steam.lnk
2014-08-05 20:25 - 2014-08-11 15:03 - 00003138 _____ () C:\Users\Marcel\Desktop\steam.txt
2014-08-05 20:25 - 2011-12-03 10:58 - 00002078 _____ () C:\Users\Marcel\Desktop\steam (2).txt
2014-08-02 18:35 - 2014-08-02 18:35 - 00007177 _____ () C:\Users\Marcel\AppData\Local\recently-used.xbel
2014-08-02 17:24 - 2014-08-02 18:32 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gtk-2.0
2014-08-02 17:24 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\Marcel\.thumbnails
2014-08-02 17:19 - 2014-08-02 18:35 - 00000000 ____D () C:\Users\Marcel\.gimp-2.8
2014-08-02 17:19 - 2014-08-02 17:28 - 00000892 _____ () C:\Users\Marcel\Desktop\GIMP 2.lnk
2014-08-02 17:19 - 2014-08-02 17:19 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gegl-0.2
2014-08-02 17:18 - 2014-08-02 17:18 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-02 17:17 - 2014-08-02 17:18 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-02 12:11 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 12:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 12:11 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 12:11 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 12:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 12:11 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 12:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 12:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 12:10 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 12:10 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 12:10 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 12:10 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 12:10 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 12:10 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 23:31 - 2014-08-01 23:31 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 23:31 - 2014-08-01 23:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 23:31 - 2014-08-01 23:31 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Skype
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-31 00:48 - 2014-07-31 00:50 - 00004096 _____ () C:\Users\Public\Documents\0000549F.LCS
2014-07-31 00:48 - 2014-07-31 00:48 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\ProtectDISC
2014-07-31 00:42 - 2014-07-31 00:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-31 00:40 - 2014-07-31 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadriga Games
2014-07-31 00:17 - 2014-07-31 00:17 - 00000000 ____D () C:\Program Files (x86)\Quadriga Games
2014-07-30 11:04 - 2014-07-31 12:23 - 00000000 ____D () C:\Users\Marcel\Desktop\Wohnungen
2014-07-29 13:37 - 2014-07-29 13:39 - 00000000 ____D () C:\Users\Marcel\Desktop\Anwalt Albert
2014-07-28 15:05 - 2014-08-02 16:59 - 00000000 ____D () C:\Users\Marcel\Documents\FUSSBALL MANAGER 14
2014-07-28 15:04 - 2014-07-28 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 14
2014-07-28 12:15 - 2014-07-28 12:39 - 00000000 ____D () C:\Users\Marcel\Downloads\Der_Koenig_Der_Loewen_(Musical_Soundtrack)-FLAC-DE-2002-LiONKiNG
2014-07-22 14:55 - 2014-07-22 14:57 - 17034857 _____ () C:\Users\Marcel\Downloads\Gmail (1).zip
2014-07-12 17:18 - 2014-07-12 17:19 - 15253171 _____ () C:\Users\Marcel\Downloads\Gmail.zip

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 18:37 - 2014-08-11 18:36 - 00033653 _____ () C:\Users\Marcel\Desktop\FRST.txt
2014-08-11 18:36 - 2014-08-11 18:35 - 00000000 ____D () C:\FRST
2014-08-11 18:35 - 2014-08-11 18:35 - 00023528 _____ () C:\Users\Marcel\Desktop\AdwCleaner[S0].txt
2014-08-11 18:34 - 2014-08-11 18:34 - 02099712 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2014-08-11 18:30 - 2009-07-14 06:45 - 00021632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-11 18:30 - 2009-07-14 06:45 - 00021632 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-11 18:29 - 2012-08-17 11:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-11 18:27 - 2010-01-09 00:23 - 02080226 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 18:23 - 2014-08-11 15:30 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Raptr
2014-08-11 18:22 - 2013-05-28 18:53 - 00000000 ____D () C:\Users\Marcel\AppData\Local\HTC MediaHub
2014-08-11 18:22 - 2011-04-12 23:42 - 00000432 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-11 18:21 - 2012-07-22 14:09 - 00004172 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:20 - 2011-03-22 00:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 18:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 18:19 - 2011-12-14 07:12 - 00174145 _____ () C:\Windows\setupact.log
2014-08-11 18:18 - 2010-01-09 18:51 - 03781145 _____ () C:\Windows\system32\oodbs.lor
2014-08-11 18:18 - 2010-01-09 04:57 - 00689016 _____ () C:\Windows\PFRO.log
2014-08-11 18:17 - 2014-08-11 18:03 - 00000000 ____D () C:\AdwCleaner
2014-08-11 18:17 - 2014-07-07 16:29 - 00000866 _____ () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-11 18:17 - 2011-03-20 14:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 18:17 - 2010-01-12 15:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet
2014-08-11 18:17 - 2010-01-09 00:30 - 00000963 _____ () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 18:03 - 2011-03-20 14:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job
2014-08-11 18:02 - 2014-08-11 18:02 - 01366203 _____ () C:\Users\Marcel\Downloads\adwcleaner_3.304.exe
2014-08-11 17:56 - 2011-03-22 00:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-11 17:54 - 2011-10-13 20:35 - 00001142 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001UA.job
2014-08-11 17:54 - 2010-01-14 21:59 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{75A9082D-E348-420E-B526-BD3D396163AB}
2014-08-11 17:13 - 2011-02-24 14:53 - 00000000 ____D () C:\Users\Marcel\Downloads\Software
2014-08-11 16:03 - 2011-04-28 06:58 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core1cc0560e24762f0.job
2014-08-11 15:53 - 2014-08-11 15:53 - 01643096 _____ (techPowerUp (www.techpowerup.com)) C:\Users\Marcel\Downloads\GPU-Z.0.7.8.exe
2014-08-11 15:35 - 2014-08-11 15:35 - 00000000 ____D () C:\ProgramData\ATI
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-11 15:34 - 2014-08-11 15:34 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\library_dir
2014-08-11 15:34 - 2014-08-11 15:30 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-11 15:30 - 2014-08-11 15:30 - 00056272 _____ () C:\Windows\SysWOW64\CCCInstall_201408111530280893.log
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-11 15:30 - 2014-08-11 15:30 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-11 15:30 - 2012-05-07 07:09 - 00000000 ____D () C:\ProgramData\AMD
2014-08-11 15:29 - 2011-12-13 23:30 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-11 15:25 - 2014-08-11 15:25 - 00000000 ____D () C:\Program Files\AMD
2014-08-11 15:23 - 2013-01-08 15:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 15:21 - 2014-08-11 15:21 - 00000000 ____D () C:\AMD
2014-08-11 15:21 - 2010-12-12 01:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-11 15:20 - 2014-08-11 15:18 - 00000000 ____D () C:\Users\Marcel\Desktop\Unsortiert
2014-08-11 15:20 - 2011-03-01 01:02 - 00000000 ___RD () C:\Users\Marcel\Desktop\Games
2014-08-11 15:03 - 2014-08-05 20:25 - 00003138 _____ () C:\Users\Marcel\Desktop\steam.txt
2014-08-11 14:35 - 2011-11-26 22:57 - 00000000 ____D () C:\ProgramData\Origin
2014-08-11 01:19 - 2014-08-11 01:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\GameTracker
2014-08-11 01:01 - 2014-08-11 01:01 - 00001026 _____ () C:\Users\Marcel\Desktop\GameTracker Lite.lnk
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameTracker Lite
2014-08-11 01:01 - 2014-08-11 01:01 - 00000000 ____D () C:\Program Files (x86)\GameTracker
2014-08-10 23:46 - 2011-10-13 20:35 - 00001120 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2598369041-3088188982-4083831754-1001Core.job
2014-08-10 21:44 - 2010-01-09 13:01 - 00570014 _____ () C:\Windows\DirectX.log
2014-08-10 21:35 - 2011-03-02 05:02 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Skype
2014-08-10 15:24 - 2010-04-09 17:43 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-10 13:39 - 2011-11-29 22:21 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-10 13:39 - 2011-11-27 13:37 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-10 13:33 - 2010-01-16 17:28 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-09 12:33 - 2013-11-18 01:36 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-08-09 12:05 - 2011-03-16 18:57 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc
2014-08-09 11:55 - 2014-08-09 11:55 - 00000529 _____ () C:\Users\Marcel\Desktop\Origin.lnk
2014-08-09 02:42 - 2011-11-29 22:21 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-09 02:28 - 2014-08-09 02:28 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-09 02:22 - 2011-04-14 00:50 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Xfire
2014-08-09 02:21 - 2011-04-14 00:50 - 00000000 ____D () C:\ProgramData\Xfire
2014-08-09 02:14 - 2010-01-13 14:39 - 00000000 ____D () C:\Program Files (x86)\Büro
2014-08-07 23:28 - 2011-11-15 17:59 - 00000007 _____ () C:\Users\Marcel\Documents\mt-x_hook.txt
2014-08-07 23:28 - 2010-11-23 13:06 - 00000007 _____ () C:\Users\Marcel\Documents\mt-e_hook.txt
2014-08-07 17:46 - 2014-08-07 17:46 - 00001364 _____ () C:\Users\Marcel\Desktop\Steam.lnk
2014-08-06 12:04 - 2013-11-04 22:17 - 00000000 ____D () C:\Users\Marcel\Documents\Schriftverkehr
2014-08-06 11:29 - 2014-07-07 16:59 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-05 23:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-04 23:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-02 18:35 - 2014-08-02 18:35 - 00007177 _____ () C:\Users\Marcel\AppData\Local\recently-used.xbel
2014-08-02 18:35 - 2014-08-02 17:19 - 00000000 ____D () C:\Users\Marcel\.gimp-2.8
2014-08-02 18:32 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gtk-2.0
2014-08-02 17:28 - 2014-08-02 17:19 - 00000892 _____ () C:\Users\Marcel\Desktop\GIMP 2.lnk
2014-08-02 17:24 - 2014-08-02 17:24 - 00000000 ____D () C:\Users\Marcel\.thumbnails
2014-08-02 17:24 - 2010-01-09 00:29 - 00000000 ____D () C:\Users\Marcel
2014-08-02 17:19 - 2014-08-02 17:19 - 00000000 ____D () C:\Users\Marcel\AppData\Local\gegl-0.2
2014-08-02 17:18 - 2014-08-02 17:18 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-02 17:18 - 2014-08-02 17:17 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-02 16:59 - 2014-07-28 15:05 - 00000000 ____D () C:\Users\Marcel\Documents\FUSSBALL MANAGER 14
2014-08-02 15:06 - 2013-08-01 12:09 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-01 23:31 - 2014-08-01 23:31 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 23:31 - 2014-08-01 23:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 23:31 - 2014-08-01 23:31 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-01 23:31 - 2013-10-13 11:25 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-01 23:31 - 2013-10-13 11:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-01 23:31 - 2012-03-27 21:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-01 23:31 - 2011-04-15 15:21 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-01 23:31 - 2011-01-16 16:01 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-01 23:31 - 2010-12-18 13:30 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-01 23:31 - 2010-12-18 13:30 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-31 15:36 - 2011-03-02 05:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Skype
2014-07-31 15:35 - 2014-07-31 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-31 15:35 - 2011-03-02 05:02 - 00000000 ____D () C:\ProgramData\Skype
2014-07-31 12:23 - 2014-07-30 11:04 - 00000000 ____D () C:\Users\Marcel\Desktop\Wohnungen
2014-07-31 00:50 - 2014-07-31 00:48 - 00004096 _____ () C:\Users\Public\Documents\0000549F.LCS
2014-07-31 00:48 - 2014-07-31 00:48 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\ProtectDISC
2014-07-31 00:42 - 2014-07-31 00:42 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-31 00:40 - 2014-07-31 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadriga Games
2014-07-31 00:40 - 2012-12-22 14:08 - 00000000 ____D () 
C:\Users\Marcel\AppData\Local\Quadriga Games 2014-07-31 00:17 - 2014-07-31 00:17 - 00000000 ____D () C:\Program Files (x86)\Quadriga Games 2014-07-29 13:39 - 2014-07-29 13:37 - 00000000 ____D () C:\Users\Marcel\Desktop\Anwalt Albert 2014-07-28 15:04 - 2014-07-28 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 14 2014-07-28 15:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-28 14:48 - 2011-11-26 22:57 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Origin 2014-07-28 12:39 - 2014-07-28 12:15 - 00000000 ____D () C:\Users\Marcel\Downloads\Der_Koenig_Der_Loewen_(Musical_Soundtrack)-FLAC-DE-2002-LiONKiNG 2014-07-28 12:39 - 2011-03-16 20:16 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\foobar2000 2014-07-28 12:31 - 2012-06-22 10:05 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Audacity 2014-07-25 11:49 - 2013-01-06 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-25 11:42 - 2013-01-06 20:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-25 11:42 - 2013-01-06 20:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-22 14:57 - 2014-07-22 14:55 - 17034857 _____ () C:\Users\Marcel\Downloads\Gmail (1).zip 2014-07-17 16:51 - 2009-07-14 19:58 - 00713410 _____ () C:\Windows\system32\perfh007.dat 2014-07-17 16:51 - 2009-07-14 19:58 - 00155346 _____ () C:\Windows\system32\perfc007.dat 2014-07-17 16:51 - 2009-07-14 07:13 - 01658092 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-12 17:19 - 2014-07-12 17:18 - 15253171 _____ () C:\Users\Marcel\Downloads\Gmail.zip 2014-07-12 14:09 - 2014-01-22 13:54 - 00000000 ____D () C:\Users\Marcel\Desktop\Mr. 
Nuffels Files to move or delete: ==================== C:\Users\Public\dcmsvcsetup.exe C:\Users\Public\invokesi.exe Some content of TEMP: ==================== C:\Users\Marcel\AppData\Local\Temp\1305nua.exe C:\Users\Marcel\AppData\Local\Temp\14-4-mobility-win7-win8-win8.1-64-dd-ccc-whql.exe C:\Users\Marcel\AppData\Local\Temp\Caramava_bs.exe C:\Users\Marcel\AppData\Local\Temp\cmd.dll C:\Users\Marcel\AppData\Local\Temp\Crysis_Patch_1_2_launcher.exe C:\Users\Marcel\AppData\Local\Temp\GUR24ED.exe C:\Users\Marcel\AppData\Local\Temp\GURE56E.exe C:\Users\Marcel\AppData\Local\Temp\GURF739.exe C:\Users\Marcel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Marcel\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Marcel\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Marcel\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Marcel\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Marcel\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Marcel\AppData\Local\Temp\MSNC9E2.exe C:\Users\Marcel\AppData\Local\Temp\NEventMessages.dll C:\Users\Marcel\AppData\Local\Temp\NOSEventMessages.dll C:\Users\Marcel\AppData\Local\Temp\OutlookConnector.exe C:\Users\Marcel\AppData\Local\Temp\PicasaUpdater_528a.exe C:\Users\Marcel\AppData\Local\Temp\Quarantine.exe C:\Users\Marcel\AppData\Local\Temp\raptrpatch.exe C:\Users\Marcel\AppData\Local\Temp\raptr_stub.exe C:\Users\Marcel\AppData\Local\Temp\rootsupd.exe C:\Users\Marcel\AppData\Local\Temp\SkypeSetup.exe C:\Users\Marcel\AppData\Local\Temp\sonarinst.exe C:\Users\Marcel\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Marcel\AppData\Local\Temp\tmp43A8.exe C:\Users\Marcel\AppData\Local\Temp\tmp87F3.exe C:\Users\Marcel\AppData\Local\Temp\tmp9981.exe C:\Users\Marcel\AppData\Local\Temp\tmpA38F.exe C:\Users\Marcel\AppData\Local\Temp\tmpC792.exe C:\Users\Marcel\AppData\Local\Temp\tmpF797.exe C:\Users\Marcel\AppData\Local\Temp\unrar.dll C:\Users\Marcel\AppData\Local\Temp\wmfdist.exe 

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-07 19:48

==================== End Of Log ============================

That is all I have in the way of logs for now. Unfortunately, I had to attach the AdwCleaner log files and the Addition log because of the character limit.

Many thanks in advance for your help!

Kind regards,
Marcel |