| |
| |||||||
Log-Analyse und Auswertung: Win 7, langsamer Start und Probleme im InternetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
17.09.2014, 19:52
| #1 |
 |  Win 7, langsamer Start und Probleme im Internet Hallo, beim Start von meinem Win7-Rechner ist am Anfang alles normal. Wenn Windows gestartet ist gehen alle Symbole der Icons auf dem Desktop weg und kommen dann neu. Bis WLAN dann funktioniert gehe es nochmal eine gewisse Zeit. Im Internet ist mir aufgefallen, dass bestimmte Sachen, zB einloggen im Postfach, beim ersten Mal eine Fehlermeldung und beim zweiten Mal hat es dann funktioniert. Bei verschiedenen Online-Spielen werden manche Sachen auf einmal nicht mehr angezeigt. FRST habe ich bereits runtergeladen. FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by X1 (administrator) on X1-PC on 17-09-2014 20:40:46
Running from C:\Users\X1\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valion Group) C:\Program Files (x86)\RebateInformer\RebateInf.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-2917026532-1704927967-2421539612-1000\...\Run: [RebateInformer] => C:\Program Files (x86)\RebateInformer\RebateInf.exe [2672000 2014-08-15] (Valion Group)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aol.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3D98B987A345CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: HKCU - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
URLSearchHook: HKCU - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File
SearchScopes: HKLM-x32 - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-aolde-chromesbox-de-de
SearchScopes: HKCU - DefaultScope {4B675094-CFC1-4251-8F1D-CFFC9FF46CDB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^VK^DE&apn_uid=a685d0e5-58fd-4dbf-858b-03c39f09954c&apn_sauid=12AD7F92-3FC6-4DD9-99C4-3E749CFC96A7
SearchScopes: HKCU - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-aolde-chromesbox-de-de
SearchScopes: HKCU - {4B675094-CFC1-4251-8F1D-CFFC9FF46CDB} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^VK^DE&apn_uid=a685d0e5-58fd-4dbf-858b-03c39f09954c&apn_sauid=12AD7F92-3FC6-4DD9-99C4-3E749CFC96A7
SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80814&lng=de
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} -> C:\Program Files (x86)\SiteRanker\SiteRank.dll (Crawler, LLC)
BHO-x32: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: No Name -> {CCB69577-088B-4004-9ED8-FF5BCC83A039} -> C:\Program Files (x86)\RebateInformer\RebateI.dll (Valion Group)
BHO-x32: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files (x86)\RebateInformer\RebInf64.dll (Valion Group)
Handler-x32: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\Program Files (x86)\RebateInformer\RebateI.dll (Valion Group)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files (x86)\SiteRanker\firefox
FF Extension: SiteRanker - C:\Program Files (x86)\SiteRanker\firefox [2013-10-01]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\X1\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.5.0.crx [2012-10-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [802384 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [15680 2006-10-31] ()
S3 cpuz130; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-17 20:40 - 2014-09-17 20:41 - 00009930 _____ () C:\Users\X1\Desktop\FRST.txt
2014-09-17 20:40 - 2014-09-17 20:40 - 00000000 ____D () C:\FRST
2014-09-17 20:39 - 2014-09-17 20:39 - 02105856 _____ (Farbar) C:\Users\X1\Desktop\FRST64.exe
2014-09-13 20:48 - 2014-09-17 20:09 - 00000000 ____D () C:\Users\X1\AppData\Roaming\Systweak
2014-09-13 20:48 - 2014-09-13 21:14 - 00000000 ____D () C:\Users\X1\AppData\Roaming\cloudbkp
2014-09-13 20:48 - 2014-09-13 20:48 - 00004014 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-13 20:48 - 2014-08-20 19:17 - 00019800 _____ () C:\Windows\system32\roboot64.exe
2014-09-13 20:36 - 2014-09-17 20:30 - 00001042 _____ () C:\Windows\setupact.log
2014-09-13 20:36 - 2014-09-13 20:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 13:55 - 2014-09-12 13:56 - 02066125 _____ () C:\Users\X1\Downloads\dawanda&partId=4&saveAs=E-BOOK-Anleitung_Häkelpuschen_SO_NICE_-_Gr20_pdf
2014-09-10 13:37 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 13:37 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 13:37 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 13:37 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 13:37 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 13:37 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 13:37 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 13:37 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 13:37 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 13:37 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 13:37 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 13:37 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 13:37 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 13:37 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 13:37 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 13:37 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 13:37 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 13:37 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 13:37 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 13:37 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 13:37 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 13:37 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 13:37 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 13:37 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 13:37 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 13:37 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 13:37 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 13:37 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 13:37 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 13:37 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 13:37 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 13:37 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 13:37 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 13:37 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 13:37 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 13:37 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 13:37 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 13:37 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 13:37 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 13:37 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 13:37 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 13:37 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 13:37 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 13:37 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 13:37 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 13:37 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 13:37 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 13:37 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 13:37 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 13:37 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 13:37 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 13:37 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 13:37 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 13:37 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 13:37 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 13:37 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 13:29 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 13:29 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 08:19 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 08:19 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 08:19 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 08:19 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 08:18 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 08:18 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 08:18 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:18 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:18 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 08:18 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 08:18 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-02 22:46 - 2014-09-02 22:46 - 00520722 _____ () C:\Users\X1\Downloads\dawanda&partId=3&saveAs=Häkelanleitung_Mäuse-Booties_pdf
2014-09-02 22:44 - 2014-09-02 22:44 - 09148236 _____ () C:\Users\X1\Downloads\dawanda&partId=1&saveAs=Häkelanleitung_Babyschuhe_Princess_Nr__42_pdf
2014-08-29 14:05 - 2014-08-29 14:05 - 00000308 _____ () C:\Users\X1\Downloads\admhelper (1).adh
2014-08-29 14:01 - 2014-08-29 14:05 - 00000308 _____ () C:\Users\X1\Downloads\BK_ADKO_001631DE_LC_64_44100_ster_AXTXDZQXIPM9U.adh
2014-08-28 08:32 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:32 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 08:32 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 07:23 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-19 07:23 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-19 07:23 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-19 07:23 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-19 07:23 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-19 07:23 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-19 07:23 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-19 07:23 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-19 07:23 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-19 07:23 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-19 07:23 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-19 07:23 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-19 07:23 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-19 07:23 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-17 20:41 - 2014-09-17 20:40 - 00009930 _____ () C:\Users\X1\Desktop\FRST.txt
2014-09-17 20:40 - 2014-09-17 20:40 - 00000000 ____D () C:\FRST
2014-09-17 20:39 - 2014-09-17 20:39 - 02105856 _____ (Farbar) C:\Users\X1\Desktop\FRST64.exe
2014-09-17 20:38 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-17 20:38 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-17 20:35 - 2011-04-12 09:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-09-17 20:35 - 2011-04-12 09:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-09-17 20:35 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 20:34 - 2012-06-08 17:43 - 01386800 _____ () C:\Windows\WindowsUpdate.log
2014-09-17 20:30 - 2014-09-13 20:36 - 00001042 _____ () C:\Windows\setupact.log
2014-09-17 20:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-17 20:15 - 2012-06-11 22:05 - 00000000 ____D () C:\Users\X1\AppData\Local\Google
2014-09-17 20:15 - 2012-06-11 22:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-17 20:11 - 2012-09-05 20:07 - 00264138 _____ () C:\Windows\PFRO.log
2014-09-17 20:11 - 2012-06-11 22:05 - 00000000 ____D () C:\Program Files\Google
2014-09-17 20:09 - 2014-09-13 20:48 - 00000000 ____D () C:\Users\X1\AppData\Roaming\Systweak
2014-09-17 20:00 - 2012-06-21 20:21 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-17 19:58 - 2012-07-30 15:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-17 18:09 - 2014-04-01 19:59 - 00000000 ____D () C:\Users\X1\AppData\Local\Audible
2014-09-17 08:13 - 2012-08-26 21:07 - 00000000 ____D () C:\Program Files (x86)\RebateInformer
2014-09-16 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-15 22:52 - 2013-11-16 23:53 - 00000000 ____D () C:\Users\X1\Documents\My Kindle Content
2014-09-15 09:46 - 2012-11-18 18:30 - 00000000 ____D () C:\Users\X1\AppData\Roaming\ZoomBrowser EX
2014-09-13 21:14 - 2014-09-13 20:48 - 00000000 ____D () C:\Users\X1\AppData\Roaming\cloudbkp
2014-09-13 20:48 - 2014-09-13 20:48 - 00004014 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-13 20:36 - 2014-09-13 20:36 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-12 13:56 - 2014-09-12 13:55 - 02066125 _____ () C:\Users\X1\Downloads\dawanda&partId=4&saveAs=E-BOOK-Anleitung_Häkelpuschen_SO_NICE_-_Gr20_pdf
2014-09-11 17:58 - 2014-02-05 15:58 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-11 17:58 - 2012-07-30 15:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 17:58 - 2012-06-10 10:46 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 17:58 - 2012-06-08 20:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 16:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-10 13:36 - 2014-02-25 10:29 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 13:36 - 2013-08-15 12:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 13:29 - 2014-05-06 23:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 13:29 - 2012-06-10 10:11 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-05 04:10 - 2014-09-10 08:18 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 08:18 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-02 22:46 - 2014-09-02 22:46 - 00520722 _____ () C:\Users\X1\Downloads\dawanda&partId=3&saveAs=Häkelanleitung_Mäuse-Booties_pdf
2014-09-02 22:44 - 2014-09-02 22:44 - 09148236 _____ () C:\Users\X1\Downloads\dawanda&partId=1&saveAs=Häkelanleitung_Babyschuhe_Princess_Nr__42_pdf
2014-08-30 17:26 - 2013-07-17 10:17 - 00000000 ____D () C:\Users\X1\AppData\Roaming\CameraWindowDC
2014-08-29 14:05 - 2014-08-29 14:05 - 00000308 _____ () C:\Users\X1\Downloads\admhelper (1).adh
2014-08-29 14:05 - 2014-08-29 14:01 - 00000308 _____ () C:\Users\X1\Downloads\BK_ADKO_001631DE_LC_64_44100_ster_AXTXDZQXIPM9U.adh
2014-08-29 12:47 - 2009-07-14 06:45 - 00294656 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-28 08:32 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 08:32 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 08:32 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 19:17 - 2014-09-13 20:48 - 00019800 _____ () C:\Windows\system32\roboot64.exe
2014-08-19 20:05 - 2014-09-10 13:37 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-10 13:37 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-10 13:37 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-10 13:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-10 13:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-10 13:37 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-10 13:37 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-10 13:37 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-10 13:37 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-10 13:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-10 13:37 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-10 13:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-10 13:37 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-10 13:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-10 13:37 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-10 13:37 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-10 13:37 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-10 13:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-10 13:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-10 13:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-10 13:37 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-10 13:37 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-10 13:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-10 13:37 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-10 13:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-10 13:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-10 13:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-10 13:37 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-10 13:37 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-10 13:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-10 13:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-10 13:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-10 13:37 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-10 13:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-10 13:37 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-10 13:37 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-10 13:37 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-10 13:37 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-10 13:37 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-10 13:37 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-10 13:37 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-10 13:37 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-10 13:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-10 13:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-10 13:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-10 13:37 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-10 13:37 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-10 13:37 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-10 13:37 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-10 13:37 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-10 13:37 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-10 13:37 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-10 13:37 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-10 13:37 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-10 13:37 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-10 13:37 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
Some content of TEMP:
====================
C:\Users\X1\AppData\Local\Temp\AGChecker.exe
C:\Users\X1\AppData\Local\Temp\avgnt.exe
C:\Users\X1\AppData\Local\Temp\OnlineBackup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-16 14:20
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by X1 at 2014-09-17 20:41:33
Running from C:\Users\X1\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1 Pinguin 100 Fälle (HKLM-x32\...\BFG-1 Pinguin 100 Faelle) (Version: - )
4 Elements II (HKLM-x32\...\BFG-4 Elements II) (Version: - )
A Gnome's Home: Der Kristall des Lebens (HKLM-x32\...\BFG-A Gnome's Home - Der Kristall des Lebens) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
AOL Deutschland Toolbar (HKCU\...\AOL Deutschland Toolbar) (Version: - )
AOL Deutschland Toolbar (HKLM-x32\...\AOL Deutschland Toolbar) (Version: - )
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.5.0 - Ask.com) <==== ATTENTION
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2010594558.48.56.38145258 - Audible, Inc.)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.28481 - Ask.com) <==== ATTENTION
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Birds on a Wire (HKLM-x32\...\BFG-Birds on a Wire) (Version: - )
Campgrounds (HKLM-x32\...\BFG-Campgrounds) (Version: - )
Campgrounds: The Endorus Expedition Sammleredition (HKLM-x32\...\BFG-Campgrounds - The Endorus Expedition Sammleredition) (Version: - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.0.0.20 - Canon Inc.)
Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.2.0.2 - Canon Inc.)
Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.4.0.9 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.5.0.3 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.2.0.4 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.2.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.3.0.7 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.0.9 - Canon Inc.)
Cate West - The Vanishing Files (HKLM-x32\...\dcf044fc6e1efd464a3b6bfcc74c4919) (Version: - )
Cradle of Egypt (HKLM-x32\...\BFG-Cradle of Egypt) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Das ultimative Osterrätsel (HKLM-x32\...\BFG-Das ultimative Osterratsel) (Version: - )
Das ultimative Weihnachtsrätsel-Paket (HKLM-x32\...\BFG-Das ultimative Weihnachtsraetsel-Paket) (Version: - )
Die 4 Elemente II (HKLM-x32\...\Die 4 Elemente II) (Version: 1.0.0.0 - INTENIUM GmbH)
Die Chroniken von Emerland Solitär (HKLM-x32\...\BFG-Die Chroniken von Emerland Solitaer) (Version: - )
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
DragonStone (HKLM-x32\...\BFG-DragonStone) (Version: - )
Dreams of a Geisha (HKLM-x32\...\BFG-Dreams of a Geisha) (Version: - )
Dress-Up Pups (HKLM-x32\...\dd06bbd7f8b6ace45e314b3b80dcfcc7) (Version: - )
Ein Yankee unter Rittern (HKLM-x32\...\BFG-Ein Yankee unter Rittern) (Version: - )
El Dorado Quest (HKLM-x32\...\BFG-El Dorado Quest) (Version: - )
Fishdom (HKLM-x32\...\BFG-Fishdom) (Version: - )
Fishdom 3 Sammleredition (HKLM-x32\...\BFG-Fishdom 3 Sammleredition) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Gardenscapes - Mansion Makeover Premium Edition (HKLM-x32\...\182cbaeb29e16344e6068a8f7880ee1f) (Version: - )
Gardenscapes(TM) (HKLM-x32\...\94a888f0cc14f46f31dbe64760d265e3) (Version: - )
Hello Venice (HKLM-x32\...\4e23c238b344d82a7faaf1494690f46f) (Version: - )
Hidden Object Crosswords (HKLM-x32\...\BFG-Hidden Object Crosswords) (Version: - )
Hidden Wonders of the Depths (HKLM-x32\...\BFG-Hidden Wonders of the Depths) (Version: - )
Holiday Jigsaw: Valentinstag (HKLM-x32\...\BFG-Holiday Jigsaw - Valentinstag) (Version: - )
Island Tribe 3 (HKLM-x32\...\9131b468f75938b04a5da83b28a5141b) (Version: - )
Jewel Match - Winter Wonderland (HKLM-x32\...\BFG-Jewel Match - Winter Wonderland) (Version: - )
Jigs@w Puzzle 2 (HKLM-x32\...\BFG-Jigs@w Puzzle 2) (Version: - )
Jigsaw Boom (HKLM-x32\...\BFG-Jigsaw Boom) (Version: - )
Jigsaw World (HKLM-x32\...\49a213cae8c161bbc6283bb92a2911cb) (Version: - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Legends of Solitaire: Die verlorenen Karten (HKLM-x32\...\BFG-Legends of Solitaire - Die verlorenen Karten) (Version: - )
Liong - The Dragon Dance (HKLM-x32\...\b44d1c7dfb19ca4f4653e190ea54e5ce) (Version: - )
Liong - The Lost Amulets (HKLM-x32\...\195d427afff066bdd0f3a5bb62fa90c1) (Version: - )
Little Shop of Treasures (HKLM-x32\...\71f8a07131cc25b1c18b432ba27c6759) (Version: - )
Little Things Forever (HKLM-x32\...\BFG-Little Things Forever) (Version: - )
LUXOR Great Adventures (HKLM-x32\...\0c6992c24d5411a5081752bd53f1477e) (Version: - )
Luxor MahJong (HKLM-x32\...\ee3e54471547c681968fbf933a57e9f6) (Version: - )
Magic Encyclopedia: Illusionen (HKLM-x32\...\Magic Encyclopedia: Illusionen) (Version: 1.0.0.0 - INTENIUM GmbH)
Mahjong Towers Eternity (HKLM-x32\...\BFG-Mahjong Towers Eternity) (Version: - )
Mahjongg Dimensions Deluxe - Tiles in Time (HKLM-x32\...\3cb1e59e3f781367097efff509bd1537) (Version: - )
Mahjongg Dimensions Deluxe (HKLM-x32\...\9ac1643eb7e8f26282321d12c5baf3bb) (Version: - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mr Puzzle (HKLM-x32\...\BFG-Mr Puzzle) (Version: - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mysteries of Horus (HKLM-x32\...\BFG-Mysteries of Horus) (Version: - )
Mystery Legends - Beauty and the Beast (HKLM-x32\...\c7bdf000efa3f2f32977d770027a79b4) (Version: - )
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Ostereierspektakel (HKLM-x32\...\BFG-Ostereierspektakel) (Version: - )
Pastime Puzzles Deluxe - The Fifties (HKLM-x32\...\8341a549a6ff275278d283c38c989850) (Version: - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.3.2 - Frank Heindörfer, Philip Chinery)
Peggle Nights (HKLM-x32\...\BFG-Peggle Nights) (Version: - )
Puzzle Park (HKLM-x32\...\BFG-Puzzle Park) (Version: - )
Rainbow Web (HKLM-x32\...\977a30aad43ce761559b310356426a15) (Version: - )
Rainbow Web 2 (HKLM-x32\...\ee601fa010ca9308fd3454987eb467b1) (Version: - )
Rainbow Web 3 (HKLM-x32\...\9c9c5338e0567bbe27cc20b4e137575c) (Version: - )
Ravensburger Puzzle II (HKLM-x32\...\BFG-Ravensburger Puzzle II) (Version: - )
Ravensburger Puzzle Selection (HKLM-x32\...\BFG-Ravensburger Puzzle Selection) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.)
RebateInformer (HKLM-x32\...\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1) (Version: 1.0.0.83 - Inbox.com, Inc.)
Redemption Cemetery: Bitterer Frost Sammleredition (HKLM-x32\...\BFG-Redemption Cemetery - Bitterer Frost Sammleredition) (Version: - )
Royal Envoy (HKLM-x32\...\BFG-Royal Envoy) (Version: - )
Royal Envoy 2 Sammleredition (HKLM-x32\...\BFG-Royal Envoy 2 Sammleredition) (Version: - )
Royal Envoy: Campaign for the Crown Sammleredition (HKLM-x32\...\BFG-Royal Envoy - Campaign for the Crown Sammleredition) (Version: - )
SAT1 GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)
Seven Seas Solitaire (HKLM-x32\...\BFG-Seven Seas Solitaire) (Version: - )
SiteRanker (HKLM-x32\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.29 - Crawler, LLC)
Sudoku, Kakuro & Friends (HKLM-x32\...\BFG-Sudoku, Kakuro & Friends) (Version: - )
Sweet Kingdom: Verhexte Prinzessin (HKLM-x32\...\BFG-Sweet Kingdom - Verhexte Prinzessin) (Version: - )
Tropical Fish Shop 2 (HKLM-x32\...\BFG-Tropical Fish Shop 2) (Version: - )
Weihnachtswunderland 2 (HKLM-x32\...\BFG-Weihnachtswunderland 2) (Version: - )
Weird Park - Broken Tune (HKLM-x32\...\f391612f1dc75ecfd794b51eda4d1db0) (Version: - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
World Mosaics 4 (HKLM-x32\...\BFG-World Mosaics 4) (Version: - )
World Riddles: Seven Wonders (HKLM-x32\...\BFG-World Riddles - Seven Wonders) (Version: - )
World's Greatest Places Mahjong (HKLM-x32\...\BFG-World's Greatest Places Mahjong) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2917026532-1704927967-2421539612-1000_Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}\InprocServer32 -> C:\Program Files (x86)\RebateInformer\RebInf64.dll (Valion Group)
CustomCLSID: HKU\S-1-5-21-2917026532-1704927967-2421539612-1000_Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}\InprocServer32 -> C:\Program Files (x86)\RebateInformer\RebInf64.dll (Valion Group)
CustomCLSID: HKU\S-1-5-21-2917026532-1704927967-2421539612-1000_Classes\CLSID\{D4AB823B-3EBC-477B-AA5B-D7061C9E83B0}\InprocServer32 -> C:\Program Files (x86)\RebateInformer\RebInf64.dll (Valion Group)
==================== Restore Points =========================
02-09-2014 06:04:25 Windows Update
05-09-2014 11:03:31 Windows Update
09-09-2014 07:02:33 Windows Update
10-09-2014 11:28:51 Windows Update
16-09-2014 07:01:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E52BB83-070B-4CB9-BB7D-B7A7ADCEEAA5} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-10-06] () <==== ATTENTION
Task: {1D22B8B7-825E-4949-A9A3-780E8F029FA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {E14195F0-CD3D-4A70-BE45-85C338DB77AC} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:000D6A25
AlternateDataStreams: C:\ProgramData\TEMP:01D2B3C4
AlternateDataStreams: C:\ProgramData\TEMP:0406003C
AlternateDataStreams: C:\ProgramData\TEMP:06C34166
AlternateDataStreams: C:\ProgramData\TEMP:07D64CD9
AlternateDataStreams: C:\ProgramData\TEMP:084612C9
AlternateDataStreams: C:\ProgramData\TEMP:08677BDD
AlternateDataStreams: C:\ProgramData\TEMP:089CBF08
AlternateDataStreams: C:\ProgramData\TEMP:0988A428
AlternateDataStreams: C:\ProgramData\TEMP:0A5F8BFC
AlternateDataStreams: C:\ProgramData\TEMP:0ADCCF52
AlternateDataStreams: C:\ProgramData\TEMP:0BF391F5
AlternateDataStreams: C:\ProgramData\TEMP:0BF4DA47
AlternateDataStreams: C:\ProgramData\TEMP:0E61938B
AlternateDataStreams: C:\ProgramData\TEMP:102394C6
AlternateDataStreams: C:\ProgramData\TEMP:113787F5
AlternateDataStreams: C:\ProgramData\TEMP:14D29229
AlternateDataStreams: C:\ProgramData\TEMP:160ADF0B
AlternateDataStreams: C:\ProgramData\TEMP:16A4620C
AlternateDataStreams: C:\ProgramData\TEMP:18B3AE54
AlternateDataStreams: C:\ProgramData\TEMP:1A5207FA
AlternateDataStreams: C:\ProgramData\TEMP:1A7FFE9C
AlternateDataStreams: C:\ProgramData\TEMP:1B927722
AlternateDataStreams: C:\ProgramData\TEMP:1BD02801
AlternateDataStreams: C:\ProgramData\TEMP:1E942FB9
AlternateDataStreams: C:\ProgramData\TEMP:258D2F8B
AlternateDataStreams: C:\ProgramData\TEMP:2775F9E2
AlternateDataStreams: C:\ProgramData\TEMP:27D1368B
AlternateDataStreams: C:\ProgramData\TEMP:28DB0DC4
AlternateDataStreams: C:\ProgramData\TEMP:2C678471
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:2E49FF93
AlternateDataStreams: C:\ProgramData\TEMP:2F5A06FD
AlternateDataStreams: C:\ProgramData\TEMP:30E0D641
AlternateDataStreams: C:\ProgramData\TEMP:322D2CD3
AlternateDataStreams: C:\ProgramData\TEMP:3571475C
AlternateDataStreams: C:\ProgramData\TEMP:38FF076E
AlternateDataStreams: C:\ProgramData\TEMP:3AF262FC
AlternateDataStreams: C:\ProgramData\TEMP:3DF14C8F
AlternateDataStreams: C:\ProgramData\TEMP:3E988A0F
AlternateDataStreams: C:\ProgramData\TEMP:41289DF0
AlternateDataStreams: C:\ProgramData\TEMP:4149A170
AlternateDataStreams: C:\ProgramData\TEMP:426D1496
AlternateDataStreams: C:\ProgramData\TEMP:43C9D140
AlternateDataStreams: C:\ProgramData\TEMP:45F3AD49
AlternateDataStreams: C:\ProgramData\TEMP:46CBC45C
AlternateDataStreams: C:\ProgramData\TEMP:4A853310
AlternateDataStreams: C:\ProgramData\TEMP:4D348522
AlternateDataStreams: C:\ProgramData\TEMP:4E6B8D68
AlternateDataStreams: C:\ProgramData\TEMP:4EE323A4
AlternateDataStreams: C:\ProgramData\TEMP:5539129F
AlternateDataStreams: C:\ProgramData\TEMP:5607B58C
AlternateDataStreams: C:\ProgramData\TEMP:57173DB4
AlternateDataStreams: C:\ProgramData\TEMP:5AC256BC
AlternateDataStreams: C:\ProgramData\TEMP:5B4686D7
AlternateDataStreams: C:\ProgramData\TEMP:5C3ED5BB
AlternateDataStreams: C:\ProgramData\TEMP:5DB36C47
AlternateDataStreams: C:\ProgramData\TEMP:60E0AB2A
AlternateDataStreams: C:\ProgramData\TEMP:614F17D3
AlternateDataStreams: C:\ProgramData\TEMP:627B7F7C
AlternateDataStreams: C:\ProgramData\TEMP:6294B369
AlternateDataStreams: C:\ProgramData\TEMP:639BB5E9
AlternateDataStreams: C:\ProgramData\TEMP:639F0420
AlternateDataStreams: C:\ProgramData\TEMP:661DC753
AlternateDataStreams: C:\ProgramData\TEMP:6A9EDD31
AlternateDataStreams: C:\ProgramData\TEMP:6AD1764B
AlternateDataStreams: C:\ProgramData\TEMP:6AD65294
AlternateDataStreams: C:\ProgramData\TEMP:6B50A605
AlternateDataStreams: C:\ProgramData\TEMP:6D54EED6
AlternateDataStreams: C:\ProgramData\TEMP:6DDFD746
AlternateDataStreams: C:\ProgramData\TEMP:6F1F66C0
AlternateDataStreams: C:\ProgramData\TEMP:708BB0FA
AlternateDataStreams: C:\ProgramData\TEMP:762408BA
AlternateDataStreams: C:\ProgramData\TEMP:785C7C53
AlternateDataStreams: C:\ProgramData\TEMP:79112E1D
AlternateDataStreams: C:\ProgramData\TEMP:79C6A9CE
AlternateDataStreams: C:\ProgramData\TEMP:7A2101AB
AlternateDataStreams: C:\ProgramData\TEMP:7ADA8871
AlternateDataStreams: C:\ProgramData\TEMP:7BB584AA
AlternateDataStreams: C:\ProgramData\TEMP:7D288858
AlternateDataStreams: C:\ProgramData\TEMP:7DC5D762
AlternateDataStreams: C:\ProgramData\TEMP:803039D6
AlternateDataStreams: C:\ProgramData\TEMP:819394CC
AlternateDataStreams: C:\ProgramData\TEMP:85345626
AlternateDataStreams: C:\ProgramData\TEMP:86148D88
AlternateDataStreams: C:\ProgramData\TEMP:884C7316
AlternateDataStreams: C:\ProgramData\TEMP:8B1667C1
AlternateDataStreams: C:\ProgramData\TEMP:8DD36B71
AlternateDataStreams: C:\ProgramData\TEMP:8F00BFC0
AlternateDataStreams: C:\ProgramData\TEMP:8F067037
AlternateDataStreams: C:\ProgramData\TEMP:8F4E260C
AlternateDataStreams: C:\ProgramData\TEMP:8FA72FF8
AlternateDataStreams: C:\ProgramData\TEMP:9603033A
AlternateDataStreams: C:\ProgramData\TEMP:97B3B270
AlternateDataStreams: C:\ProgramData\TEMP:97CA3B9E
AlternateDataStreams: C:\ProgramData\TEMP:993185CB
AlternateDataStreams: C:\ProgramData\TEMP:9C7A32BB
AlternateDataStreams: C:\ProgramData\TEMP:9D03192E
AlternateDataStreams: C:\ProgramData\TEMP:9D2DE4B4
AlternateDataStreams: C:\ProgramData\TEMP:A10E88DE
AlternateDataStreams: C:\ProgramData\TEMP:A18121AD
AlternateDataStreams: C:\ProgramData\TEMP:A4ACFB14
AlternateDataStreams: C:\ProgramData\TEMP:A9ABA3FF
AlternateDataStreams: C:\ProgramData\TEMP:AA93EFD3
AlternateDataStreams: C:\ProgramData\TEMP:AC116044
AlternateDataStreams: C:\ProgramData\TEMP:AD020DC3
AlternateDataStreams: C:\ProgramData\TEMP:AE289451
AlternateDataStreams: C:\ProgramData\TEMP:AE75CCC8
AlternateDataStreams: C:\ProgramData\TEMP:B1EEADE7
AlternateDataStreams: C:\ProgramData\TEMP:B36361EE
AlternateDataStreams: C:\ProgramData\TEMP:B4186923
AlternateDataStreams: C:\ProgramData\TEMP:B522B91B
AlternateDataStreams: C:\ProgramData\TEMP:B64F7263
AlternateDataStreams: C:\ProgramData\TEMP:B65E763D
AlternateDataStreams: C:\ProgramData\TEMP:B6B87ADA
AlternateDataStreams: C:\ProgramData\TEMP:B709343D
AlternateDataStreams: C:\ProgramData\TEMP:B790962B
AlternateDataStreams: C:\ProgramData\TEMP:B83F1B83
AlternateDataStreams: C:\ProgramData\TEMP:BABA07C2
AlternateDataStreams: C:\ProgramData\TEMP:BC898B69
AlternateDataStreams: C:\ProgramData\TEMP:BC8E9899
AlternateDataStreams: C:\ProgramData\TEMP:BEB6D0B2
AlternateDataStreams: C:\ProgramData\TEMP:BECA50FF
AlternateDataStreams: C:\ProgramData\TEMP:BFE54417
AlternateDataStreams: C:\ProgramData\TEMP:C5E2BAEE
AlternateDataStreams: C:\ProgramData\TEMP:C7857F06
AlternateDataStreams: C:\ProgramData\TEMP:C7F5E798
AlternateDataStreams: C:\ProgramData\TEMP:C80AB70B
AlternateDataStreams: C:\ProgramData\TEMP:C98828D3
AlternateDataStreams: C:\ProgramData\TEMP:CA0CE093
AlternateDataStreams: C:\ProgramData\TEMP:CB0EB1DE
AlternateDataStreams: C:\ProgramData\TEMP:CC45913B
AlternateDataStreams: C:\ProgramData\TEMP:CF61CE5A
AlternateDataStreams: C:\ProgramData\TEMP:D2397415
AlternateDataStreams: C:\ProgramData\TEMP:D3331ADB
AlternateDataStreams: C:\ProgramData\TEMP:D3A82449
AlternateDataStreams: C:\ProgramData\TEMP:D507AEDA
AlternateDataStreams: C:\ProgramData\TEMP:D696AA12
AlternateDataStreams: C:\ProgramData\TEMP:D6A4A911
AlternateDataStreams: C:\ProgramData\TEMP:D8A1AC56
AlternateDataStreams: C:\ProgramData\TEMP:D9B1EB7E
AlternateDataStreams: C:\ProgramData\TEMP:D9EDE5FA
AlternateDataStreams: C:\ProgramData\TEMP:DA7655EA
AlternateDataStreams: C:\ProgramData\TEMP:E07230CC
AlternateDataStreams: C:\ProgramData\TEMP:E0CDBB5A
AlternateDataStreams: C:\ProgramData\TEMP:E153075C
AlternateDataStreams: C:\ProgramData\TEMP:E1610EDC
AlternateDataStreams: C:\ProgramData\TEMP:E1D06077
AlternateDataStreams: C:\ProgramData\TEMP:E222F217
AlternateDataStreams: C:\ProgramData\TEMP:E44D7155
AlternateDataStreams: C:\ProgramData\TEMP:E4BC4A41
AlternateDataStreams: C:\ProgramData\TEMP:E54FC174
AlternateDataStreams: C:\ProgramData\TEMP:E5BA9ADD
AlternateDataStreams: C:\ProgramData\TEMP:E6708F08
AlternateDataStreams: C:\ProgramData\TEMP:EB68CA55
AlternateDataStreams: C:\ProgramData\TEMP:EB86F355
AlternateDataStreams: C:\ProgramData\TEMP:EBCF5924
AlternateDataStreams: C:\ProgramData\TEMP:EC752217
AlternateDataStreams: C:\ProgramData\TEMP:ED194880
AlternateDataStreams: C:\ProgramData\TEMP:ED796303
AlternateDataStreams: C:\ProgramData\TEMP:F1175E1D
AlternateDataStreams: C:\ProgramData\TEMP:F117D09A
AlternateDataStreams: C:\ProgramData\TEMP:F1F936DF
AlternateDataStreams: C:\ProgramData\TEMP:F2AF86D9
AlternateDataStreams: C:\ProgramData\TEMP:F44D3C53
AlternateDataStreams: C:\ProgramData\TEMP:F4BF61E8
AlternateDataStreams: C:\ProgramData\TEMP:F52DB269
AlternateDataStreams: C:\ProgramData\TEMP:F7581CE6
AlternateDataStreams: C:\ProgramData\TEMP:F760FD47
AlternateDataStreams: C:\ProgramData\TEMP:F7FFE8AF
AlternateDataStreams: C:\ProgramData\TEMP:F98E6C67
AlternateDataStreams: C:\ProgramData\TEMP:FBF4285F
AlternateDataStreams: C:\ProgramData\TEMP:FD38E906
AlternateDataStreams: C:\ProgramData\TEMP:FD786DCA
AlternateDataStreams: C:\ProgramData\TEMP:FDC41D2C
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
==================== Faulty Device Manager Devices =============
Name: USB ISDN Device
Description: USB ISDN Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/17/2014 08:32:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:27:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:18:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:03:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 07:51:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000222d2
ID des fehlerhaften Prozesses: 0x4828
Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0
Pfad der fehlerhaften Anwendung: bfgclient.exe1
Pfad des fehlerhaften Moduls: bfgclient.exe2
Berichtskennung: bfgclient.exe3
Error: (09/17/2014 07:51:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Name des fehlerhaften Moduls: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001f804f
ID des fehlerhaften Prozesses: 0x4798
Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0
Pfad der fehlerhaften Anwendung: bfgclient.exe1
Pfad des fehlerhaften Moduls: bfgclient.exe2
Berichtskennung: bfgclient.exe3
Error: (09/17/2014 05:39:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17280 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2a4
Startzeit: 01cfd288388d40c4
Endzeit: 47
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (09/17/2014 04:09:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17280 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: d98
Startzeit: 01cfd27c5600b018
Endzeit: 23
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (09/17/2014 03:34:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/17/2014 08:06:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/16/2014 08:57:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/16/2014 08:57:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (09/15/2014 03:55:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (09/15/2014 03:55:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (09/15/2014 03:53:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (09/15/2014 03:53:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (09/15/2014 03:52:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (09/15/2014 03:52:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (09/15/2014 03:52:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (09/17/2014 08:32:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:27:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:18:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:13:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 08:03:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/17/2014 07:51:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.1.7601.18247521ea8e7c0000005000222d2482801cfd29fef723a61C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll3124188c-3e93-11e4-a33b-5404a612a8dd
Error: (09/17/2014 07:51:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bfgclient.exe3.3.0.253179a91bfgclient.exe3.3.0.253179a91c0000005001f804f479801cfd29feeb73cc1C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Program Files (x86)\bfgclient\bfgclient.exe2e9aa509-3e93-11e4-a33b-5404a612a8dd
Error: (09/17/2014 05:39:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.172802a401cfd288388d40c447C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (09/17/2014 04:09:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17280d9801cfd27c5600b01823C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (09/17/2014 03:34:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 20%
Total physical RAM: 7918.12 MB
Available physical RAM: 6313.02 MB
Total Pagefile: 15834.41 MB
Available Pagefile: 14102.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:921.75 GB) (Free:863.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EC26B0D4)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
| Themen zu Win 7, langsamer Start und Probleme im Internet |
| adware, antivir, avira, computer, desktop, error, fehlermeldung, flash player, helper, home, iexplore.exe, internet, karte, object, online games, realtek, registry, scan, secur, security, software, svchost.exe, system, usb, windows, wlan |
Baum-Darstellung