
Log analysis and evaluation: System becomes slow, programs no longer start, AMD:CCC Capturing Windows


 
16.09.2014, 11:17   #1
Schmuckler
 



Dear Trojaner-Board team,

For some time now my computer has been getting slow relatively soon (about 5 min.) after being switched on, and above all the programs can no longer be started, neither from the toolbar nor by double-click. Directly after switching on, starting them is still possible, and the programs (Outlook, Firefox) are then usable. If a program is started too late, the computer stops responding, and the Task Manager cannot be opened either. When the computer is to be shut down, a message says that the program "AMD:CCC capturing Windows" is preventing the shutdown. Forcing the shutdown then leads to a black screen with a mouse pointer, but the computer does not turn off.

I hope that, together with the attachments, this is the necessary information, and I thank you very much for your effort.

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by Rolf Börne at 2014-09-16 11:07:41
Running from C:\Users\Rolf Börne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AntiVir Desktop (Enabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AntiVir Desktop (Enabled - Up to date) {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements (HKLM\...\Adobe Photoshop Elements 1.0) (Version: 1.0 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 13.30.100.40811 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (Version: 2014.0811.2303.39561 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{58F75E91-560A-1EDF-483C-104AF537AD86}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Artweaver 0.5 (HKLM\...\{26A1E9CF-BFC1-4309-80CD-C182D80922DB}_is1) (Version: 0.5.7 - Artweaver)
AVM FRITZ!DSL (HKLM\...\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}) (Version: 2.04.03 - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Belkin N Wireless USB Adapter Setup (HKLM\...\{4EE9A620-46A0-4BCF-82AC-950D2BBED982}) (Version: 2.20 - Belkin)
Bewerbungsfoto-/Passbild-Generator v3.5b (HKLM\...\Passbild-Generator_is1) (Version:  - )
BlazePhoto 2.0 (HKLM\...\BlazePhoto 2.0_is1) (Version:  - )
Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon MP Navigator 3.0 (HKLM\...\MP Navigator 3.0) (Version:  - )
Canon MP510 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP510) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0202.2335.42270 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2014.0811.2302.39561 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2014.0811.2303.39561 - Advanced Micro Devices, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LabelPrint (Version: 2.5.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3213 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.1.3213 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.6720 - CyberLink Corp.)
FreeOCR v4.2 (HKLM\...\freeocr_is1) (Version:  - )
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
GIMP 2.6.10 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google SketchUp 8 (HKLM\...\{4BA6784F-3B10-473A-B9F5-33A36AC354D5}) (Version: 3.0.14358 - Google, Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript) (Version: 9.02 - Artifex Software Inc.)
GSview 4.9 (HKLM\...\GSview 4.9) (Version:  - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
JoGoVEREIN (HKLM\...\{F9534708-5066-426B-9D76-A2C0152F06BC}) (Version: 2.3 - Göldenitz Software)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Macromedia FreeHand 10 (HKLM\...\{4D826618-59C6-11D4-976E-00C04F8EEB39}) (Version: 10 - Macromedia)
Macromedia FreeHand 9 (HKLM\...\Macromedia FreeHand 9) (Version: 9 - Macromedia)
Mein Verein (HKLM\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 15.0 - Buhl Data Service GmbH)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (Version: 1.3.59.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.50106.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 de) (HKLM\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nitro PDF Reader 2 (HKLM\...\{A75BDD40-6540-4922-BFF7-D9DCCECAD714}) (Version: 2.0.0.29 - Nitro PDF Software)
Notepad++ (HKLM\...\Notepad++) (Version: 5.9.8 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Rhinoceros 5 (HKLM\...\{BE29FEDB-30A6-4520-A029-9CF519C55CD3}) (Version: 5.7.31213.18395 - Robert McNeel & Associates)
Rhinoceros 5.0 Help Media (HKLM\...\{B247EAD4-805E-4F13-A4D3-E3A80CD0EC36}) (Version: 5.1.20828.1435 - Robert McNeel & Associates)
Rhinoceros 5.0 Language Pack Installer (de-DE) (HKLM\...\{8AC83A45-28D2-4693-9E25-F4C2DBB8DD6A}) (Version: 5.1.20905.0935 - Robert McNeel & Associates)
Sony Ericsson PC Suite 6.011.00 (HKLM\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 6.011.00 - Sony Ericsson)
Trust Tablet Driver (HKLM\...\TabletDriver) (Version:  - )
TurboCAD Deluxe V.10 (HKLM\...\{797505A5-C0CC-42E7-A2F7-459314CD386F}) (Version: 10.1.56.0 - IMSI)
TurboCAD Symbole (HKLM\...\{1B5C2B5E-4756-4A5B-B49C-2166AE6B17D5}) (Version: 10.0 - Ihr Firmenname)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{1D53FB73-9826-4541-B2E0-A239C6EBA718}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{34726474-50D6-49FC-B8AC-35411459D27A}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VIPRE Antivirus (HKLM\...\{C1D1FC57-3EB9-4B21-BCA3-F1C927508200}) (Version: 4.0.4280 - Sunbelt Software)
VIPRE Antivirus (Version: 4.0.4280 - Sunbelt Software) Hidden
VIS (HKLM\...\VIS) (Version:  - ) <==== ATTENTION
Visitenkarten in 2 Minuten (HKLM\...\Visitenkarten in 2 Minuten) (Version:  - )
Webocton - Scriptly 0.8.95.6 (HKLM\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Windows Live Call (Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Toolbar (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{2C10CA50-05D0-11D2-8697-0000B46B691D}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\Ties\ObjectTie.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{4218E7A0-5A08-BABC-F6C0-2D5EC9B2F73A}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{49E39851-1FC0-11D2-8698-0000B46B691D}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\Ties\SmartHatch.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{5B60CCED-F564-43BA-802B-01183FAA0A84}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\Draggers\TCImageTool.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481001-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\Program Files\IMSI\TCW100\Program\Tcw10.exe (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481002-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\Program Files\IMSI\TCW100\Program\Tcw10.exe (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481003-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\Program Files\IMSI\TCW100\Program\Tcw10.exe (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481004-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\Program Files\IMSI\TCW100\Program\Tcw10.exe (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481005-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\Program Files\IMSI\TCW100\Program\Tcw10.exe (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481801-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\IMSIGX10.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481802-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\IMSIGX10.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481803-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\IMSIGX10.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481804-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\IMSIGX10.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6A481805-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\IMSIGX10.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{6E1099B5-A2D4-11D5-BA2B-00C0DF0625A5}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\Draggers\RevisionCloud.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{90E611F0-DE07-11D2-ABC3-0000B46B691D}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\Ties\ViewportTie.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{BF0BBC85-A311-11D3-A82D-00C0DF246524}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\TcTools\PalTool.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> C:\Windows\system32\MSVBVM60.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{E830E884-1B3D-11D4-9BEE-00C0DF246524}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\TcTools\FPBridgeTool.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{E830E887-1B3D-11D4-9BEE-00C0DF246524}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\TcTools\FPBridgeTool.dll (International Microcomputer Software, Inc.)
CustomCLSID: HKU\S-1-5-21-4071752470-356845625-1869480124-1000_Classes\CLSID\{F5125F6F-A84D-4830-AD78-A13E03B64185}\InprocServer32 -> C:\Program Files\IMSI\TCW100\Program\Draggers\BPMngr.dll (International Microcomputer Software, Inc.)

==================== Restore Points  =========================

31-07-2014 07:30:38 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
03-08-2014 10:54:34 Windows Update
04-08-2014 07:48:24 Windows-Sicherung
10-08-2014 17:00:20 Windows-Sicherung
15-08-2014 14:47:32 Windows Update
18-08-2014 06:52:54 Windows-Sicherung
21-08-2014 08:44:56 JoGoVEREIN wurde installiert.
24-08-2014 19:31:10 Windows-Sicherung
28-08-2014 12:09:37 Windows Update
01-09-2014 06:32:37 Windows-Sicherung
07-09-2014 17:00:15 Windows-Sicherung
10-09-2014 09:16:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
10-09-2014 09:19:59 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
10-09-2014 09:28:27 Windows Update
13-09-2014 10:41:55 Google SketchUp 7 wurde entfernt
13-09-2014 10:45:23 Windows Live Sync wird entfernt
13-09-2014 10:46:04 Windows Live-Uploadtool wird entfernt
13-09-2014 10:46:38 Windows Live ID-Anmelde-Assistent wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00D1A77A-687B-42A5-ABE6-79D7EF2F3B5D} - System32\Tasks\5d86c780 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup585473984.exe <==== ATTENTION
Task: {038D62BF-D39C-422D-911A-97B42B0650A9} - System32\Tasks\cb0e0740 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2833694208.exe <==== ATTENTION
Task: {05B6138D-3F23-4DF7-B965-4C51E50C4E49} - System32\Tasks\b34ef000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2663846912.exe <==== ATTENTION
Task: {0926798E-C971-4187-9EA6-ABCF4BD64B75} - System32\Tasks\c6f4d800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1790414848.exe <==== ATTENTION
Task: {0A2EFCA8-94AC-46BC-BCE1-6B462AE64196} - System32\Tasks\30c9ba00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3917814016.exe <==== ATTENTION
Task: {0B835C69-AB43-4028-BCBA-FDB96E93344D} - System32\Tasks\80365000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2151043072.exe <==== ATTENTION
Task: {0FBFCC11-52C4-469A-AE60-46D009526AC9} - System32\Tasks\3cd4a480 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup700768704.exe <==== ATTENTION
Task: {11CBEF12-BD41-4F49-BFB7-75C8A4B19B85} - System32\Tasks\2b70e00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2426718400.exe <==== ATTENTION
Task: {1235A074-3671-4444-8C7F-30A4601A3BE1} - System32\Tasks\dae6fa80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3606278272.exe <==== ATTENTION
Task: {161EF1E6-16CA-4A3F-87D8-3D9BEAC3478C} - System32\Tasks\{082AFE0C-FF29-4098-A024-3B336499C8CD} => C:\Program Files\Archery 3D\Archery 3D.EXE
Task: {1B674B87-B206-47AA-ABA4-EF12DF422C14} - System32\Tasks\d046cc80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3494300800.exe <==== ATTENTION
Task: {1CAC36CB-DDBA-44F6-A7E0-73097F31A6C8} - System32\Tasks\d96a9400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2630520576.exe <==== ATTENTION
Task: {1D739CD3-8790-4BA8-A0F7-48DF588D5D7F} - System32\Tasks\4e91b080 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup561810752.exe <==== ATTENTION
Task: {201DE302-08A6-40FA-9F85-E695F7F9FE57} - System32\Tasks\e38c4800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3081301504.exe <==== ATTENTION
Task: {216CDF7A-C290-4955-ACFE-94766D06FCBB} - System32\Tasks\ac37b400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1291819008.exe <==== ATTENTION
Task: {2573E242-1173-413B-8579-8DF6BD603448} - System32\Tasks\9d3bb400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup19055616.exe <==== ATTENTION
Task: {271608B6-F6AF-4B22-802C-30A5F23478D8} - System32\Tasks\d0e49b80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2092802944.exe <==== ATTENTION
Task: {29695F06-9DE7-495C-9B03-8E8DBA94E34A} - System32\Tasks\4ff56b00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2336739072.exe <==== ATTENTION
Task: {2BAD8B50-231F-4908-A5EE-A6A7EDB6491C} - System32\Tasks\70c4ac00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3687064576.exe <==== ATTENTION
Task: {2C4A7ADC-DA5E-447F-88DA-ADBA38BCC8F6} - System32\Tasks\5cdee900 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup145912512.exe <==== ATTENTION
Task: {2E362A26-5396-42D2-A216-77274E459060} - System32\Tasks\4caa1e00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup117297216.exe <==== ATTENTION
Task: {2E3CB913-C0F0-44B3-A14A-31C396BF28B0} - System32\Tasks\22ead680 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup404255680.exe <==== ATTENTION
Task: {2E9A9BFC-1D97-4378-9A84-CD9339C45058} - System32\Tasks\3e07a800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup173329152.exe <==== ATTENTION
Task: {2EAF5561-E982-46EF-A813-49EC19A9864B} - System32\Tasks\9ecb3600 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2005557760.exe <==== ATTENTION
Task: {2EDA466C-0DD2-416D-9717-363F0116F30D} - System32\Tasks\bb663f00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1625224192.exe <==== ATTENTION
Task: {32460DBC-7FF7-4CA3-B708-330EB158713A} - System32\Tasks\2eb3400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup513245184.exe <==== ATTENTION
Task: {32650CF3-0BE1-4E2E-92D0-12F32E7BF476} - System32\Tasks\23233980 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup330551040.exe <==== ATTENTION
Task: {33BE5ECF-1F65-46E3-B39C-37607C98A2FC} - System32\Tasks\a791adc0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1691702272.exe <==== ATTENTION
Task: {34953664-2040-47A2-9968-CDB25EB38841} - System32\Tasks\2da0c900 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1526315712.exe <==== ATTENTION
Task: {3C983916-A691-4D19-B4C0-92CF03387BA6} - System32\Tasks\a4069f80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1680940544.exe <==== ATTENTION
Task: {3F0A263A-F84C-477C-840A-7677CF972477} - System32\Tasks\21247500 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup425596672.exe <==== ATTENTION
Task: {4042286D-759C-4EE9-8B72-F688B248D0FA} - System32\Tasks\9c82d280 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2358219264.exe <==== ATTENTION
Task: {42AC05F4-F5AC-4205-B6D8-0911A5BB644A} - System32\Tasks\bd59fc00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup676951040.exe <==== ATTENTION
Task: {44EA138B-49A6-4749-96FC-CA6F20D2905B} - System32\Tasks\24696340 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3796173760.exe <==== ATTENTION
Task: {44F95151-CE87-4155-A9E9-050ABD45F981} - System32\Tasks\1f5d1380 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup251153536.exe <==== ATTENTION
Task: {45CA81F7-3F97-476A-B06A-5B696BC8D51C} - System32\Tasks\f9dbe880 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3068858688.exe <==== ATTENTION
Task: {47FCE5B7-1078-4BC8-A438-DC35C5A939B4} - System32\Tasks\a4794c00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1104612736.exe <==== ATTENTION
Task: {4A58D53E-92BE-4086-A984-4F1845584E23} - System32\Tasks\87721c0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3713672448.exe <==== ATTENTION
Task: {4BD7347F-1AB8-4020-98F9-77009ABE7CDC} - System32\Tasks\c1de6d80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1733763712.exe <==== ATTENTION
Task: {4C677229-ED53-4DD6-85EF-B0DF6A808A2D} - System32\Tasks\d8f57180 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup914953216.exe <==== ATTENTION
Task: {4D3EB87B-BA3A-4667-9F4C-0825061EF3D9} - System32\Tasks\da46edc0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3318281472.exe <==== ATTENTION
Task: {52F4AEE6-A3D6-4E20-B60C-7497DFF28051} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4071752470-356845625-1869480124-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {5675D6CA-AB95-46B5-92DB-66EF7FF3D99A} - System32\Tasks\cda06e80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1700483328.exe <==== ATTENTION
Task: {576CA565-DDB1-44D7-AD37-189B93431CC1} - System32\Tasks\e8ac0080 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1625362432.exe <==== ATTENTION
Task: {58A4D629-F93A-4F1A-8359-7D71C5D11DB0} - System32\Tasks\7404ec00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1381279616.exe <==== ATTENTION
Task: {5B0D706D-BEEF-4EBE-9EDA-7D9A5051D805} - System32\Tasks\30235300 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup48213376.exe <==== ATTENTION
Task: {5CB352C0-8E5B-4937-A037-4A646F365C8B} - System32\Tasks\d6d1f800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1778019328.exe <==== ATTENTION
Task: {5F216B60-0EF8-420B-B379-8E5E9A5AB720} - System32\Tasks\4869fb00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup550225088.exe <==== ATTENTION
Task: {5F45C3E7-7612-4514-AA31-D0EC8DD0F36E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-04] (Google Inc.)
Task: {5F8D2773-1655-46DA-8C98-90C6ADD217A1} - System32\Tasks\253c3c00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3134071808.exe <==== ATTENTION
Task: {61A2616E-FDE6-4844-8896-14021015B7FA} - System32\Tasks\7c8193c0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1149146752.exe <==== ATTENTION
Task: {69977903-6102-46CD-88ED-8B6A76EF6F5A} - System32\Tasks\ce1da480 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2907969152.exe <==== ATTENTION
Task: {6A4888F7-9CE6-43B8-B7DD-567DEC222811} - System32\Tasks\c5dc1d80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3058056320.exe <==== ATTENTION
Task: {6B9ABE9B-ABEB-44F6-A05C-78E9BB16A07A} - System32\Tasks\ac9e8280 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1134517248.exe <==== ATTENTION
Task: {6CCBB038-8425-4797-8253-CBF344116D2A} - System32\Tasks\1c2a4900 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup116053248.exe <==== ATTENTION
Task: {6EA84D0C-BD77-434B-94BA-7D4DA887DAA8} - System32\Tasks\1cd38400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2013813120.exe <==== ATTENTION
Task: {6F4C9D5A-0B1B-4B97-8926-2FBCA2548B8E} - System32\Tasks\bd2b180 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3684124672.exe <==== ATTENTION
Task: {6FCE11AA-C16D-4C19-AF55-64CECC5CD7EE} - System32\Tasks\4d488940 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup471479360.exe <==== ATTENTION
Task: {70769DC8-38ED-4236-8CB1-D65F4C4E8BEC} - System32\Tasks\26455100 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2086365184.exe <==== ATTENTION
Task: {7432C927-96F1-4F03-8F49-181CB28DB6BE} - System32\Tasks\22185e00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup469062272.exe <==== ATTENTION
Task: {74BFE040-AE21-4642-9941-9E7EFFC71181} - System32\Tasks\6e20b200 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1659636480.exe <==== ATTENTION
Task: {76584E24-6097-4AFD-98CF-D2F3D7DB6AE2} - System32\Tasks\de458680 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2869498368.exe <==== ATTENTION
Task: {7675620E-3C6F-4A6C-A0F1-26148478E3F2} - System32\Tasks\e4d3b300 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3385959168.exe <==== ATTENTION
Task: {77654E38-73EB-4E5A-BB21-4F32FFEE1DCF} - System32\Tasks\d60bf0c0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2716346752.exe <==== ATTENTION
Task: {7832C456-6BC6-4D49-BF09-EF6D9F388499} - System32\Tasks\a3fa6b80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup377497728.exe <==== ATTENTION
Task: {7A18B0B5-BF87-4E66-9872-FF37D5D4BC05} - System32\Tasks\a8a09400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2779103232.exe <==== ATTENTION
Task: {7B6B5FC9-7E9D-44FB-8C99-9095FC091B20} - System32\Tasks\88435d40 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup257563456.exe <==== ATTENTION
Task: {7B8ED700-111E-468A-9682-65D3AA54D3AE} - System32\Tasks\fe9c2d80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3607088128.exe <==== ATTENTION
Task: {7D8E63B3-C9C6-4C9D-AD9B-DF9D1475AE5F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {7DA4B164-7E53-4F13-8FF1-7B36129F454F} - System32\Tasks\73120600 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1539161024.exe <==== ATTENTION
Task: {7DB82EAC-839B-44E3-A426-9ACEBBB9AF18} - System32\Tasks\6b499ec0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup631826880.exe <==== ATTENTION
Task: {7E2669AA-84FD-49F3-BC46-1F572E4B22F0} - System32\Tasks\78b66700 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup374566912.exe <==== ATTENTION
Task: {7F8877E5-B2CF-4FF6-9C4E-660D73F954B9} - System32\Tasks\86acee00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1500072064.exe <==== ATTENTION
Task: {83A564EB-0369-4CDD-BB71-9108466CD1F5} - System32\Tasks\74e1e680 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1635441664.exe <==== ATTENTION
Task: {84EB400D-776C-4589-BD58-82355DB8625E} - System32\Tasks\1c1a6500 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2679407872.exe <==== ATTENTION
Task: {88F622CA-2452-4522-AA08-1FA41D66BD23} - System32\Tasks\62fbb80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3302767744.exe <==== ATTENTION
Task: {8B388BEA-7738-43F8-9153-A99275CD4BD6} - System32\Tasks\35d28d80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup421671232.exe <==== ATTENTION
Task: {8CDF5F6E-9FC2-4108-96D4-9E4D4FDAA55E} - System32\Tasks\6e9ce000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2698582016.exe <==== ATTENTION
Task: {8E82EAFD-EFDD-40E3-91BD-B80D2EB454CA} - System32\Tasks\12f43d00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup515130880.exe <==== ATTENTION
Task: {9024A719-2F36-4C7E-A265-10124360E7C6} - System32\Tasks\54b8c7c0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup608875904.exe <==== ATTENTION
Task: {92A5ACA2-722B-414A-8C0B-4F45D8640C9E} - System32\Tasks\f9be4200 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3007995520.exe <==== ATTENTION
Task: {936E9685-1C66-4E14-9493-28D86C43EA6B} - System32\Tasks\7bc36000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1108001664.exe <==== ATTENTION
Task: {93D7547B-3FBF-48A6-A886-3F581ED90CE7} - System32\Tasks\fc38a800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3155571456.exe <==== ATTENTION
Task: {94A2C171-AED6-4356-8215-F8A8F0150CEF} - System32\Tasks\ec0f100 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3786012928.exe <==== ATTENTION
Task: {95C51E55-375E-4D2A-A6BE-6661D395E134} - System32\Tasks\2df55a80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2553148800.exe <==== ATTENTION
Task: {95DDE946-ABB5-4F0E-934B-645D12E4A10E} - System32\Tasks\df0bb100 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3566568448.exe <==== ATTENTION
Task: {95F9E0E9-151C-4E7F-8F28-65CD40EA48B1} - System32\Tasks\a1532980 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3814657664.exe <==== ATTENTION
Task: {9971EDFF-56EB-49C6-8048-4D4973118195} - System32\Tasks\a31db200 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1561112320.exe <==== ATTENTION
Task: {9B8415D3-F60A-4381-8835-214C82563A56} - System32\Tasks\3a30f00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2143281152.exe <==== ATTENTION
Task: {9DC72DFC-BAF5-4A6C-9E24-97BB461D75A6} - System32\Tasks\ee11d480 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2264844288.exe <==== ATTENTION
Task: {9E5CA4E9-47BA-4D2F-B478-FD1A0D05C679} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4071752470-356845625-1869480124-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {9ED3C907-0D5D-4E7E-8DEA-4DA4DD063472} - System32\Tasks\600a8d00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup241624192.exe <==== ATTENTION
Task: {9FB0A0EF-0E53-4A99-B689-8683D0583B08} - System32\Tasks\87140600 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup187420672.exe <==== ATTENTION
Task: {A21951E8-BF7E-4E5A-BA6E-B02742F6FA81} - System32\Tasks\bce28dc0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1124404032.exe <==== ATTENTION
Task: {A533986F-8589-469B-A8A3-32DAF64FB317} - System32\Tasks\bfe5ba00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2481935616.exe <==== ATTENTION
Task: {A5F9B4A5-DA58-4449-A8E4-56B7D0B78DE7} - System32\Tasks\229b2880 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3376681088.exe <==== ATTENTION
Task: {A80B9E5D-0BC2-4B7A-96EC-34C461A340D4} - System32\Tasks\6f16d000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3123213312.exe <==== ATTENTION
Task: {A816D088-11B6-4FF4-AEFB-44A30FB424A3} - System32\Tasks\495bf400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup128464896.exe <==== ATTENTION
Task: {ADC7A8B2-1FBD-4DD5-9DF7-D26A45F73DE3} - System32\Tasks\ae539000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2338551936.exe <==== ATTENTION
Task: {B015048D-6843-4DBD-8771-3AD697A1F193} - System32\Tasks\24a0be80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3901001600.exe <==== ATTENTION
Task: {B11BF3FC-7126-4688-B350-9BB7D7713A23} - System32\Tasks\1449d200 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3642469504.exe <==== ATTENTION
Task: {B1F18BF5-3632-4154-B7A4-B1129773742D} - System32\Tasks\49e3f5c0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup895876352.exe <==== ATTENTION
Task: {B2E457F4-12A0-485F-8239-18AACB7FBEA1} - System32\Tasks\56d00e00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3989890944.exe <==== ATTENTION
Task: {B3761AF1-548E-456B-B7D5-0EC6DFDF297A} - System32\Tasks\641a1f00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1124633472.exe <==== ATTENTION
Task: {C034BD62-66B8-4DB8-AA55-10BD8EA5F0A2} - System32\Tasks\d8eb9f00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2578040320.exe <==== ATTENTION
Task: {C2022B01-D6F9-4639-A36B-C642D2FAFB24} - System32\Tasks\aa7e8600 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2101010560.exe <==== ATTENTION
Task: {C6396F0B-0466-46D1-8CE5-EF341603369B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-04] (Google Inc.)
Task: {C721EB42-B51C-4BB1-A655-AA68AD3F8ADF} - System32\Tasks\fe606200 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3405329408.exe <==== ATTENTION
Task: {C78BF477-589D-4EF6-810B-3B02E9D67034} - System32\Tasks\61256180 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup472239744.exe <==== ATTENTION
Task: {C88D563C-6904-4BCA-9D91-91CBC8A704F2} - System32\Tasks\6ea0f80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1636569984.exe <==== ATTENTION
Task: {C9E6AB73-4196-48D7-84F2-DA68FD877BE5} - System32\Tasks\dd5c2000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1452042240.exe <==== ATTENTION
Task: {CAAEAA71-D9B1-478C-B60F-F068F484D8C3} - System32\Tasks\51b7e900 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup980383232.exe <==== ATTENTION
Task: {CAF90527-B330-492D-8E2C-E789954391AA} - System32\Tasks\3144f800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3324930816.exe <==== ATTENTION
Task: {CC20BD47-93DE-42DF-8D94-6030EF65AD81} - System32\Tasks\ec945c00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3235321856.exe <==== ATTENTION
Task: {CFD1D650-4924-48D6-B2C9-5397811204B2} - System32\Tasks\95b45000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup190342144.exe <==== ATTENTION
Task: {D03FD453-95F9-4347-B429-0696FDE21C4A} - System32\Tasks\b431bd00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2627558528.exe <==== ATTENTION
Task: {D0D186F4-DCD6-4D58-AC9B-2DF1F2B49641} - System32\Tasks\7fbecf80 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3502258688.exe <==== ATTENTION
Task: {D72FFA68-3BBE-40DC-9E05-A6C290CBE17C} - System32\Tasks\5c358c40 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1134453184.exe <==== ATTENTION
Task: {D9983A5D-4718-455F-90AD-CBA681F56D1F} - System32\Tasks\58f53380 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1492464512.exe <==== ATTENTION
Task: {DA03AB36-2556-4D69-AF66-B9D69F2B1230} - System32\Tasks\a4dc1800 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3549174784.exe <==== ATTENTION
Task: {DB01458F-F35C-4382-ACCA-82197439EA42} - System32\Tasks\a8b23580 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1830251392.exe <==== ATTENTION
Task: {E1DA97F9-A217-49DA-9437-742150A86D41} - System32\Tasks\57d32000 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2137701376.exe <==== ATTENTION
Task: {E3F09E6B-81DE-4089-9117-A4A2FB750887} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {EAE9AE90-FDA0-4F32-A585-7E26DAE7EF6D} - System32\Tasks\d578d780 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup2399466496.exe <==== ATTENTION
Task: {EB2B46DE-4C3C-4489-8532-9562290EAFC4} - System32\Tasks\a0420f00 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1041323776.exe <==== ATTENTION
Task: {ECBD7B90-D081-4F9F-B1CC-E271BC101578} - System32\Tasks\e8c4f900 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup4075951872.exe <==== ATTENTION
Task: {F49BAF99-8756-4DC3-85E3-95AF3372EF5D} - System32\Tasks\c8840580 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup1845279360.exe <==== ATTENTION
Task: {F8DEA7F0-C24A-4A33-A16D-C9A5BA357FD7} - System32\Tasks\f0cae1c0 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup3497467904.exe <==== ATTENTION
Task: {FC91958F-8253-4B32-BA6F-7CB92568092E} - System32\Tasks\77868380 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup326744192.exe <==== ATTENTION
Task: {FCADA94F-93DF-4913-9FA4-7C9EE7284568} - System32\Tasks\78d81400 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup954097408.exe <==== ATTENTION
Task: {FCDB0BEF-9BB1-4C38-BFB2-35719851F16D} - System32\Tasks\23a8b840 => C:\Users\ROLFBR~1\AppData\Local\Temp\\setup4013987072.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-04-14 08:44 - 2010-06-17 21:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2009-10-30 10:11 - 2010-08-31 18:34 - 00204800 _____ () C:\Windows\System32\WinTab32.DLL
2011-01-19 11:20 - 2011-01-19 11:20 - 00308560 _____ () C:\Program Files\Sunbelt Software\VIPRE\Vipre.dll
2011-09-09 09:12 - 2014-06-20 06:08 - 00192376 _____ () C:\Program Files\Sunbelt Software\VIPRE\Definitions\libBase64.dll
2011-09-09 09:12 - 2014-06-20 06:08 - 00180088 _____ () C:\Program Files\Sunbelt Software\VIPRE\Definitions\libMachoUniv.dll
2005-12-22 17:28 - 2005-12-22 17:28 - 00160768 _____ () C:\Program Files\Sunbelt Software\VIPRE\unrar.dll
2009-10-30 10:11 - 2010-08-31 18:34 - 00204800 _____ () C:\Windows\system32\WinTab32.DLL
2014-02-19 12:23 - 2014-09-16 10:56 - 03716720 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBPIMSvc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-4071752470-356845625-1869480124-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-4071752470-356845625-1869480124-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2014 10:31:47 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/13/2014 01:44:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x68586c6a
ID des fehlerhaften Prozesses: 0x160c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/13/2014 01:18:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 1.2.27.422, Zeitstempel: 0x53569264
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x70657453
ID des fehlerhaften Prozesses: 0xafc
Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0
Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1
Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2
Berichtskennung: Uninstall.exe_unknown3

Error: (09/13/2014 01:08:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x68586c6a
ID des fehlerhaften Prozesses: 0x16d0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/13/2014 00:54:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x68586c6a
ID des fehlerhaften Prozesses: 0x7ac
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/13/2014 00:44:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x56116c6a
ID des fehlerhaften Prozesses: 0x17d8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (09/12/2014 10:53:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm NITROP~4.EXE, Version 2.0.0.29 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1250

Startzeit: 01cfce66e9f83690

Endzeit: 15

Anwendungspfad: C:\PROGRA~1\NITROP~1\READER~1\NITROP~4.EXE

Berichts-ID: 36666791-3a5a-11e4-95af-85c0c62a3999

Error: (09/10/2014 00:44:46 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (09/10/2014 00:43:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/08/2014 11:48:47 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 12.0.4518.1014 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1254

Startzeit: 01cfcb49ec8d0630

Endzeit: 0

Anwendungspfad: C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

Berichts-ID: 4e75df71-373d-11e4-95a6-406186f2e030


System errors:
=============
Error: (09/16/2014 09:38:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 16.09.2014 um 09:05:23 unerwartet heruntergefahren.

Error: (09/16/2014 08:40:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:39:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:38:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:37:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:36:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:35:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:34:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:33:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (09/16/2014 08:32:53 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 35%
Total physical RAM: 3071.3 MB
Available physical RAM: 1968.72 MB
Total Pagefile: 6140.9 MB
Available Pagefile: 4758.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.29 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:847.46 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:0.69 GB) NTFS
Drive e: (Disk) (CDROM) (Total:0.31 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=910.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
--- --- ---

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:03 on 16/09/2014 (Rolf Börne)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Rolf Börne (administrator) on ROLFBÖRNE-PC on 16-09-2014 11:06:53
Running from C:\Users\Rolf Börne\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
(Robert McNeel & Associates) C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Tablet Driver) C:\Windows\System32\WTClient.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
(Sunbelt Software) C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe
(Sunbelt Software) C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Sunbelt Software) C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\FwebProt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\StCenter.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-03] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [WTClient] => C:\Windows\system32\WTClient.exe [32768 2010-08-31] (Tablet Driver)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [273544 2011-07-13] (RealNetworks, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SBAMTray] => C:\Program Files\Sunbelt Software\VIPRE\SBAMTray.exe [1357136 2011-09-06] (Sunbelt Software)
HKLM\...\Run: [SBRegRebootCleaner] => C:\Program Files\Sunbelt Software\VIPRE\SBRC.exe [197968 2011-09-06] (Sunbelt Software)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748256 2014-08-11] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\Run: [FRITZ!protect] => FwebProt.exe
HKU\S-1-5-21-4071752470-356845625-1869480124-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4071752470-356845625-1869480124-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4071752470-356845625-1869480124-1000\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk
ShortcutTarget: FRITZ!DSL Protect.lnk -> C:\Program Files\FRITZ!DSL\FwebProt.exe (AVM Berlin)
Startup: C:\Users\Rolf Börne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?AF=110000&babsrc=HP_ss&mntrId=c866ff2c00000000000094445243d390
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com
StartMenuInternet: IEXPLORE.EXE -  C:\Program Files\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 01 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 03 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 15 C:\Program Files\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Rolf Börne\AppData\Roaming\Mozilla\Firefox\Profiles\xfh3925w.default
FF DefaultSearchEngine: Startpage HTTPS - Deutsch
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Startpage HTTPS - Deutsch
FF Homepage: https://startpage.com/
FF Keyword.URL: hxxp://search.babylon.com/?AF=110000&babsrc=adbartrp&mntrId=c866ff2c00000000000094445243d390&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.652 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.647 -> c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: NitroPDF -> C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Rolf Börne\AppData\Roaming\Mozilla\Firefox\Profiles\xfh3925w.default\searchplugins\googlede.xml
FF SearchPlugin: C:\Users\Rolf Börne\AppData\Roaming\Mozilla\Firefox\Profiles\xfh3925w.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-07-13]

Chrome: 
=======
CHR CustomProfile: C:\Users\Rolf Börne\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Rolf Börne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2013-11-22]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPSLPSVC; C:\Users\Rolf Börne\AppData\Local\Temp\7zS067D\hpslpsvc32.dll [701288 2013-02-06] (Hewlett-Packard Co.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
R2 McNeelUpdate; C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe [68192 2013-12-13] (Robert McNeel & Associates)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [196912 2011-06-21] (Nitro PDF Software)
R2 SBAMSvc; C:\Program Files\Sunbelt Software\VIPRE\SBAMSvc.exe [2804280 2011-09-06] (Sunbelt Software)
R2 SBPIMSvc; C:\Program Files\Sunbelt Software\VIPRE\SBPIMSvc.exe [181584 2011-09-06] (Sunbelt Software)
R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2010-08-31] (Tablet Driver) [File not signed]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S4 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [100352 2010-01-28] (ATI Technologies, Inc.) [File not signed]
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1558368 2010-02-04] (NXP Semiconductors Germany GmbH)
R3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [23208 2009-06-22] (PenTablet Driver)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [14504 2009-06-22] (PenTablet Driver)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [74456 2011-08-29] (Sunbelt Software)
R1 SBRE; C:\Windows\system32\drivers\SBREdrv.sys [101720 2011-08-29] (Sunbelt Software)
R1 SbTis; C:\Windows\System32\drivers\sbtis.sys [78936 2011-04-05] (Sunbelt Software, Inc.)
S3 TClass2k; C:\Windows\System32\DRIVERS\TClass2k.sys [23208 2009-06-22] (Tablet Driver)
S3 UCTblHid; C:\Windows\System32\DRIVERS\UCTblHid.sys [19624 2009-06-22] (Tablet Driver)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 11:06 - 2014-09-16 11:07 - 00015798 _____ () C:\Users\Rolf Börne\Downloads\FRST.txt
2014-09-16 11:05 - 2014-09-16 11:06 - 00000000 ____D () C:\FRST
2014-09-16 11:03 - 2014-09-16 11:03 - 00000482 _____ () C:\Users\Rolf Börne\Downloads\defogger_disable.log
2014-09-16 11:03 - 2014-09-16 11:03 - 00000000 _____ () C:\Users\Rolf Börne\defogger_reenable
2014-09-16 11:00 - 2014-09-16 11:00 - 00050477 _____ () C:\Users\Rolf Börne\Downloads\Defogger.exe
2014-09-16 09:50 - 2014-09-16 09:50 - 05579386 _____ (Swearware) C:\Users\Rolf Börne\Downloads\ComboFix.exe
2014-09-16 09:49 - 2014-09-16 09:49 - 01097728 _____ (Farbar) C:\Users\Rolf Börne\Downloads\FRST.exe
2014-09-16 09:15 - 2014-09-16 09:15 - 00547329 _____ () C:\Users\Rolf Börne\Desktop\Jarosch Ring 3d2.1 Längs.3dm
2014-09-10 11:36 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 11:36 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 11:36 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 11:36 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 11:36 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 11:36 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 11:36 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 11:36 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 11:36 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 11:36 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 11:36 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 11:36 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 11:36 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 11:36 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 11:36 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 11:36 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 11:36 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 11:36 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 11:36 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 11:36 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 11:36 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 11:36 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 11:36 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 11:36 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 11:36 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 11:36 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 11:36 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 11:36 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 11:36 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 11:36 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 11:25 - 2014-09-10 11:25 - 00000000 ____D () C:\ProgramData\ATI
2014-09-10 11:25 - 2014-09-10 11:25 - 00000000 ____D () C:\Program Files\AMD AVT
2014-09-10 11:24 - 2014-09-10 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-10 10:12 - 2014-07-07 03:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 10:12 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 11:31 - 2014-09-09 11:31 - 11683699 _____ () C:\Users\Rolf Börne\Downloads\Studio_HDR_giveaway_by_zbyg.zip
2014-08-28 08:07 - 2014-08-23 03:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:07 - 2014-08-23 02:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 11:24 - 2014-08-21 11:24 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Roaming\Buhl Data Service
2014-08-21 11:23 - 2014-08-21 11:23 - 00002005 _____ () C:\Users\Rolf Börne\Desktop\Mein Verein.lnk
2014-08-21 11:23 - 2014-08-21 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mein Verein
2014-08-21 11:22 - 2014-08-21 11:23 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-08-21 11:22 - 2014-08-21 11:22 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Local\Buhl Data Service
2014-08-21 11:22 - 2014-08-21 11:22 - 00000000 ____D () C:\Program Files\Buhl
2014-08-21 11:22 - 2002-08-23 10:00 - 04082688 _____ (Borland Software Corporation) C:\Windows\system32\qtintf70.dll
2014-08-21 11:19 - 2014-08-21 11:20 - 90900792 _____ () C:\Users\Rolf Börne\Downloads\MV2015Trial.exe
2014-08-21 11:13 - 2014-08-21 11:13 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Local\J._Göldenitz_Software
2014-08-21 10:45 - 2014-09-05 13:14 - 00000000 ____D () C:\Users\Rolf Börne\Documents\JoGoVEREIN
2014-08-21 10:45 - 2014-08-21 10:45 - 00002721 _____ () C:\Users\Public\Desktop\JoGoVEREIN.lnk
2014-08-21 10:45 - 2014-08-21 10:45 - 00002715 _____ () C:\Users\Public\Desktop\JoGoLISTE.lnk
2014-08-21 10:45 - 2014-08-21 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ihr Firmenname
2014-08-21 10:45 - 2014-08-21 10:45 - 00000000 ____D () C:\Program Files\JoGoVEREIN
2014-08-21 10:43 - 2014-08-21 10:43 - 08995629 _____ () C:\Users\Rolf Börne\Downloads\JoGoVEREIN-Setup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-16 11:07 - 2014-09-16 11:06 - 00015798 _____ () C:\Users\Rolf Börne\Downloads\FRST.txt
2014-09-16 11:06 - 2014-09-16 11:05 - 00000000 ____D () C:\FRST
2014-09-16 11:03 - 2014-09-16 11:03 - 00000482 _____ () C:\Users\Rolf Börne\Downloads\defogger_disable.log
2014-09-16 11:03 - 2014-09-16 11:03 - 00000000 _____ () C:\Users\Rolf Börne\defogger_reenable
2014-09-16 11:03 - 2010-07-12 11:19 - 00000000 ____D () C:\Users\Rolf Börne
2014-09-16 11:00 - 2014-09-16 11:00 - 00050477 _____ () C:\Users\Rolf Börne\Downloads\Defogger.exe
2014-09-16 10:57 - 2010-07-14 09:38 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Roaming\FRITZ!
2014-09-16 10:56 - 2014-02-19 12:22 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-16 10:56 - 2012-04-26 10:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-16 10:51 - 2011-03-04 09:50 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-16 10:44 - 2014-04-28 10:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-16 10:24 - 2011-03-04 09:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 09:50 - 2014-09-16 09:50 - 05579386 _____ (Swearware) C:\Users\Rolf Börne\Downloads\ComboFix.exe
2014-09-16 09:49 - 2014-09-16 09:49 - 01097728 _____ (Farbar) C:\Users\Rolf Börne\Downloads\FRST.exe
2014-09-16 09:45 - 2009-07-14 06:34 - 00009888 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 09:45 - 2009-07-14 06:34 - 00009888 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 09:42 - 2010-07-12 11:19 - 01965474 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 09:38 - 2010-07-14 09:38 - 01586074 _____ () C:\Users\Rolf Börne\DesktopStCenter.txt
2014-09-16 09:38 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 09:38 - 2009-07-14 06:39 - 00090156 _____ () C:\Windows\setupact.log
2014-09-16 09:15 - 2014-09-16 09:15 - 00547329 _____ () C:\Users\Rolf Börne\Desktop\Jarosch Ring 3d2.1 Längs.3dm
2014-09-16 08:11 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-15 10:21 - 2013-12-10 11:07 - 00000000 ____D () C:\Jarosch ring
2014-09-13 13:18 - 2011-08-20 09:19 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Roaming\DVDVideoSoft
2014-09-13 13:18 - 2011-06-16 21:37 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Roaming\DVDVideoSoftIEHelpers
2014-09-13 13:18 - 2011-06-16 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-13 13:18 - 2011-06-16 21:37 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-09-13 13:18 - 2011-06-16 21:37 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-09-13 12:50 - 2014-02-19 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2014-09-13 12:47 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-13 12:45 - 2010-03-05 15:58 - 00000000 ____D () C:\Program Files\Windows Live
2014-09-13 12:43 - 2013-05-27 08:54 - 00000000 ____D () C:\Program Files\Passbild-Drucker 1
2014-09-13 12:42 - 2010-07-13 09:31 - 00000000 ____D () C:\Program Files\Google
2014-09-13 12:40 - 2011-03-03 12:18 - 00000000 ____D () C:\Program Files\Amazon
2014-09-10 12:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-10 12:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-10 11:44 - 2014-07-14 19:44 - 17328816 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-09-10 11:44 - 2013-03-12 17:33 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-10 11:44 - 2011-06-17 08:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-10 11:35 - 2013-08-15 10:43 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 11:31 - 2010-03-05 15:29 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 11:29 - 2010-03-05 14:50 - 01648250 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 11:25 - 2014-09-10 11:25 - 00000000 ____D () C:\ProgramData\ATI
2014-09-10 11:25 - 2014-09-10 11:25 - 00000000 ____D () C:\Program Files\AMD AVT
2014-09-10 11:25 - 2014-02-27 14:59 - 00000000 ____D () C:\ProgramData\AMD
2014-09-10 11:24 - 2014-09-10 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-09-10 11:24 - 2011-09-08 08:54 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-10 11:14 - 2014-02-27 14:48 - 00000000 ____D () C:\AMD
2014-09-09 11:31 - 2014-09-09 11:31 - 11683699 _____ () C:\Users\Rolf Börne\Downloads\Studio_HDR_giveaway_by_zbyg.zip
2014-09-05 13:14 - 2014-08-21 10:45 - 00000000 ____D () C:\Users\Rolf Börne\Documents\JoGoVEREIN
2014-09-04 12:55 - 2013-11-27 16:47 - 00000000 ____D () C:\Users\Rolf Börne\Desktop\Jarosch ring
2014-09-04 12:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-01 08:22 - 2009-07-14 06:33 - 00416584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-23 03:46 - 2014-08-28 08:07 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:42 - 2014-08-28 08:07 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 11:24 - 2014-08-21 11:24 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Roaming\Buhl Data Service
2014-08-21 11:24 - 2010-07-12 11:20 - 00111176 _____ () C:\Users\Rolf Börne\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 11:23 - 2014-08-21 11:23 - 00002005 _____ () C:\Users\Rolf Börne\Desktop\Mein Verein.lnk
2014-08-21 11:23 - 2014-08-21 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mein Verein
2014-08-21 11:23 - 2014-08-21 11:22 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-08-21 11:22 - 2014-08-21 11:22 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Local\Buhl Data Service
2014-08-21 11:22 - 2014-08-21 11:22 - 00000000 ____D () C:\Program Files\Buhl
2014-08-21 11:20 - 2014-08-21 11:19 - 90900792 _____ () C:\Users\Rolf Börne\Downloads\MV2015Trial.exe
2014-08-21 11:13 - 2014-08-21 11:13 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Local\J._Göldenitz_Software
2014-08-21 10:45 - 2014-08-21 10:45 - 00002721 _____ () C:\Users\Public\Desktop\JoGoVEREIN.lnk
2014-08-21 10:45 - 2014-08-21 10:45 - 00002715 _____ () C:\Users\Public\Desktop\JoGoLISTE.lnk
2014-08-21 10:45 - 2014-08-21 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ihr Firmenname
2014-08-21 10:45 - 2014-08-21 10:45 - 00000000 ____D () C:\Program Files\JoGoVEREIN
2014-08-21 10:44 - 2011-04-11 16:43 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Local\Downloaded Installations
2014-08-21 10:43 - 2014-08-21 10:43 - 08995629 _____ () C:\Users\Rolf Börne\Downloads\JoGoVEREIN-Setup.exe
2014-08-19 19:39 - 2014-09-10 11:36 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 00:26 - 2014-09-10 11:36 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:08 - 2014-09-10 11:36 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 23:57 - 2014-09-10 11:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 23:57 - 2014-09-10 11:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 23:46 - 2014-09-10 11:36 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 23:45 - 2014-09-10 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 23:44 - 2014-09-10 11:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 11:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 11:36 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 23:39 - 2014-09-10 11:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 11:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 23:37 - 2014-09-10 11:36 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 23:36 - 2014-09-10 11:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 23:36 - 2014-09-10 11:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:35 - 2014-09-10 11:36 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 23:30 - 2014-09-10 11:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:27 - 2014-09-10 11:36 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:22 - 2014-09-10 11:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 11:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:17 - 2014-09-10 11:36 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 11:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:15 - 2014-09-10 11:36 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:09 - 2014-09-10 11:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 11:36 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:08 - 2014-09-10 11:36 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:07 - 2014-09-10 11:36 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 22:46 - 2014-09-10 11:36 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 22:38 - 2014-09-10 11:36 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:36 - 2014-09-10 11:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 09:35 - 2012-03-01 16:53 - 00000000 ____D () C:\Users\Rolf Börne\AppData\Local\FreePDF_XP
2014-08-18 09:34 - 2011-04-14 08:44 - 00000000 ____D () C:\ProgramData\FreePDF
2014-08-18 08:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE

Files to move or delete:
====================
C:\ProgramData\hpeA016.dll


Some content of TEMP:
====================
C:\Users\Rolf Börne\AppData\Local\Temp\AskSLib.dll
C:\Users\Rolf Börne\AppData\Local\Temp\dotnetfx.exe
C:\Users\Rolf Börne\AppData\Local\Temp\On4UD.dll
C:\Users\Rolf Börne\AppData\Local\Temp\Setup.exe
C:\Users\Rolf Börne\AppData\Local\Temp\shelper.dll
C:\Users\Rolf Börne\AppData\Local\Temp\tester.dll
C:\Users\Rolf Börne\AppData\Local\Temp\tmp4B52.exe
C:\Users\Rolf Börne\AppData\Local\Temp\wusetup.exE
C:\Users\Rolf Börne\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 10:26

==================== End Of Log ============================
         
--- --- ---
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-16 11:37:41
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\0000005c WDC_WD10 rev.80.0 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\ROLFBR~1\AppData\Local\Temp\fwlcauoc.sys


---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                              83055A15 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                8308F212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           C:\Windows\system32\DRIVERS\atikmdag.sys                                                              section is writeable [0x9980C000, 0x16D7DA, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text           C:\Program Files\Real\RealPlayer\Update\realsched.exe[2172] kernel32.dll!SetUnhandledExceptionFilter  764EF5AB 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                               sbtis.sys
AttachedDevice  \Driver\tdx \Device\Udp                                                                               sbtis.sys
AttachedDevice  \Driver\tdx \Device\RawIp                                                                             sbtis.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000ea1458af5                           
Reg             HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000ea1458af5@0023f131edc7              0xA4 0xDE 0xCF 0x50 ...
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000ea1458af5 (not active ControlSet)       
Reg             HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000ea1458af5@0023f131edc7                  0xA4 0xDE 0xCF 0x50 ...

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                                 unknown MBR code

---- EOF - GMER 2.1 ----
         
--- --- ---

Edited by Schmuckler (16.09.2014 at 12:01). Reason: Logs should be posted in the threads.

 
