Pc langsam

sabi1233 · 27.09.2014, 09:52

Hallo,

nun sitze ich seit 4 Tagen an meinem PC und komme nicht weiter.

Habe schon einige Virenscanner laufen lassen, aber immer wieder findet er was.

Habe mir hier vielen durch gelesen, komme aber einfach nicht weiter. Mein Firefox ist sehr langsam, habe diesen auch schon komplett neu gemacht, es hat nichts gebracht.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-09-2014
Ran by sj (administrator) on SJ-PC on 27-09-2014 10:48:40
Running from C:\Users\sj\Downloads
Loaded Profile: sj (Available profiles: sj)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
() C:\Windows\System32\Rezip.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATIJHE.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
() C:\Program Files\ac'tivAid\AutoHotkey\AutoHotkey.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-08-28] (Synaptics, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-07] (AVAST Software)
HKU\S-1-5-21-2438687746-3058713467-3671330042-1003\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIJHE.EXE [249440 2012-02-27] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2438687746-3058713467-3671330042-1003\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-06-23] (Siber Systems)
Startup: C:\Users\sj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ac'tivAid.lnk
ShortcutTarget: ac'tivAid.lnk -> C:\Program Files\ac'tivAid\Portable_ac'tivAid.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945
FF DefaultSearchEngine: Wikipedia (de)
FF Homepage: hxxp://www.artosa.de/Forum/index.php
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Fasterfox Lite - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\FasterFox_Lite@BigRedBrent [2014-09-25]
FF Extension: Classic Theme Restorer - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-09-24]
FF Extension: FindBar Tweak - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\fbt@quicksaver.xpi [2014-09-24]
FF Extension: Smoother Web - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-24]
FF Extension: No Referrer ( Misspelled Referer ) - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\tito@no-referrer.xpi [2014-09-24]
FF Extension: Adblock Plus - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-25]
FF Extension: Tab Mix Plus - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-09-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-16]
FF HKLM\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files\Siber Systems\AI RoboForm\Firefox [2013-04-15]
FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-08-13]
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files\Siber Systems\AI RoboForm\Firefox
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\sj\AppData\Roaming\Mozilla\Firefox\Profiles\681zb0jo.default-1387116372945\extensions\cliqz@cliqz.com
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\sj\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll ()
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\sj\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U51) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR CustomProfile: C:\Users\sj\AppData\Local\Google\Chrome\User Data\Default
CHR CustomProfile: C:\Users\sj\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\sj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (Google Wallet) - C:\Users\sj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-24]
CHR Extension: (RoboForm) - C:\Users\sj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-06-24]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-23]
CHR StartMenuInternet: Google Chrome - chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AAV UpdateService; C:\Program Files\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-07] (AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON CORPORATION)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-13] (Microsoft Corporation)
R2 Rezip; C:\Windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
S4 SamsungAllShareV2.0; C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504 2012-03-02] (Samsung Electronics Co., Ltd.)
S4 SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [27584 2012-03-02] (Samsung Electronics Co., Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-07] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-08-07] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-08-07] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-07] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2013-11-04] (AVM Berlin)
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2008-08-12] (SAMSUNG ELECTRONICS CO., LTD.)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [204432 2012-06-05] (Realtek Semiconductor Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 VMC326; C:\Windows\System32\Drivers\VMC326.sys [238464 2008-11-21] (Vimicro Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\sj\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 10:48 - 2014-09-27 10:49 - 00015217 _____ () C:\Users\sj\Downloads\FRST.txt
2014-09-27 10:48 - 2014-09-27 10:48 - 01100288 _____ (Farbar) C:\Users\sj\Downloads\FRST.exe
2014-09-27 10:48 - 2014-09-27 10:48 - 00000000 ____D () C:\FRST
2014-09-27 10:13 - 2014-09-27 10:26 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-09-27 00:52 - 2014-09-27 10:00 - 00000000 ____D () C:\AdwCleaner
2014-09-27 00:51 - 2014-09-27 00:52 - 01373475 _____ () C:\Users\sj\Downloads\AdwCleaner_3.310.exe
2014-09-27 00:43 - 2014-09-27 00:43 - 00011763 _____ () C:\ComboFix.txt
2014-09-27 00:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-27 00:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-27 00:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-27 00:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-27 00:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-27 00:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-27 00:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-27 00:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-27 00:21 - 2014-09-27 00:44 - 00000000 ____D () C:\Qoobox
2014-09-27 00:21 - 2014-09-27 00:41 - 00000000 ____D () C:\Windows\erdnt
2014-09-27 00:07 - 2014-09-27 00:12 - 00000000 ____D () C:\Users\sj\AppData\Local\kingsoft
2014-09-27 00:07 - 2014-09-27 00:11 - 00000000 ____D () C:\Users\sj\AppData\Roaming\kingsoft
2014-09-27 00:07 - 2014-09-27 00:07 - 00000000 ____D () C:\Users\sj\AppData\Roaming\office6
2014-09-27 00:07 - 2014-09-27 00:07 - 00000000 ____D () C:\ProgramData\kingsoft
2014-09-27 00:05 - 2014-09-27 00:48 - 00000000 ____D () C:\Program Files\Glarysoft
2014-09-27 00:05 - 2014-09-27 00:05 - 00000547 _____ () C:\GUDownLoaddebug.txt
2014-09-26 23:34 - 2014-09-26 23:35 - 00001147 _____ () C:\DelFix.txt
2014-09-26 22:56 - 2014-09-26 23:34 - 00000000 ____D () C:\Windows\ERUNT
2014-09-26 22:50 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-26 20:40 - 2014-09-26 20:40 - 00000036 _____ () C:\Users\sj\AppData\Local\housecall.guid.cache
2014-09-25 21:23 - 2014-09-27 09:55 - 00088900 _____ () C:\Windows\PFRO.log
2014-09-25 00:40 - 2014-09-25 00:41 - 22227284 _____ () C:\Users\sj\Documents\Firefox 29.0.1 (de) - 2014-09-25.pcv
2014-09-25 00:10 - 2014-09-25 00:10 - 03675824 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2014-09-24 23:36 - 2014-09-26 21:35 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-24 23:33 - 2014-09-24 23:33 - 00000859 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-24 23:33 - 2014-09-24 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-24 23:33 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-24 23:33 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-24 23:33 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-24 23:32 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-09-24 23:32 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-09-24 23:31 - 2014-09-24 23:31 - 01101648 _____ () C:\Users\sj\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-09-24 23:30 - 2014-09-09 08:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 23:26 - 2014-09-24 23:26 - 00000064 _____ () C:\Users\sj\AppData\Roaming\WB.CFG
2014-09-24 23:26 - 2014-09-24 23:26 - 00000000 __RSH () C:\MSDOS.SYS
2014-09-24 23:26 - 2014-09-24 23:26 - 00000000 __RSH () C:\IO.SYS
2014-09-24 23:00 - 2014-09-24 23:54 - 199094043 _____ () C:\Users\sj\Documents\Thunderbird 24.1.0 (de) - 2014-09-24.pcv
2014-09-24 21:08 - 2014-09-24 21:08 - 00055367 _____ () C:\Users\sj\Downloads\3E270AC3-8936-43FB-AD20-B4685172A83D(2).XPI
2014-09-24 21:07 - 2014-09-24 21:07 - 00055367 _____ () C:\Users\sj\Downloads\3E270AC3-8936-43FB-AD20-B4685172A83D(1).XPI
2014-09-24 19:52 - 2014-09-24 19:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-22 08:53 - 2014-09-24 23:33 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-09-22 08:53 - 2014-09-22 08:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-22 00:31 - 2014-09-22 00:31 - 00000000 ____D () C:\Users\sj\AppData\Local\com
2014-09-22 00:29 - 2014-09-22 00:29 - 00000000 ____D () C:\Users\sj\AppData\Local\fastplayer
2014-09-22 00:27 - 2014-09-22 00:27 - 01382448 _____ () C:\Users\sj\Downloads\Player Setup (3).exe
2014-09-22 00:26 - 2014-09-22 00:26 - 01382448 _____ () C:\Users\sj\Downloads\Player Setup (2).exe
2014-09-22 00:26 - 2014-09-22 00:26 - 01382448 _____ () C:\Users\sj\Downloads\Player Setup (1).exe
2014-09-22 00:25 - 2014-09-22 00:25 - 00445728 _____ () C:\Users\sj\Downloads\Purzel_Video_Anal_Qual_15_German_XXX_DVDRiP_XviD_CHiKANi.exe
2014-09-19 13:39 - 2014-09-19 13:39 - 01165004 _____ () C:\Users\sj\Desktop\Foto5
2014-09-17 21:05 - 2014-09-17 21:05 - 00623065 _____ () C:\Users\sj\Desktop\P&G 5€ Gutschein.odt
2014-09-13 03:13 - 2014-08-15 16:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 03:13 - 2014-08-15 16:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 03:13 - 2014-08-15 16:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 03:13 - 2014-08-15 16:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 03:13 - 2014-08-15 16:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 03:13 - 2014-08-15 16:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 03:13 - 2014-08-15 16:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 03:13 - 2014-08-15 16:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 03:13 - 2014-08-15 16:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-13 03:13 - 2014-08-15 16:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 03:13 - 2014-08-15 16:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 03:13 - 2014-08-15 16:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 03:13 - 2014-08-15 16:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-13 03:13 - 2014-08-15 16:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-03 22:16 - 2014-09-03 22:16 - 00230129 _____ () C:\Users\sj\Desktop\37345-uebersicht-ean-codes-real-129.html
2014-09-03 00:55 - 2014-09-03 00:55 - 01265376 _____ () C:\Users\sj\Downloads\Setup.exe
2014-09-03 00:52 - 2014-09-03 00:52 - 01265400 _____ () C:\Users\sj\Downloads\Player Setup.exe
2014-09-02 20:16 - 2014-09-02 20:16 - 00634880 _____ () C:\DirectControl.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 00002086 _____ () C:\Users\sj\AppData\Roaming\DMKDVA
2014-09-01 10:18 - 2014-09-01 10:18 - 00001248 _____ () C:\Users\sj\AppData\Roaming\WPPN
2014-09-01 00:07 - 2014-09-01 00:07 - 01058200 _____ (Adobe) C:\Users\sj\Downloads\install_flashplayer14x32au_mssd_aaa_aih(1).exe
2014-08-28 03:00 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 03:00 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-27 10:34 - 2009-06-12 05:25 - 01394361 _____ () C:\Windows\WindowsUpdate.log
2014-09-27 10:26 - 2013-04-15 22:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-27 10:10 - 2013-10-08 22:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-27 09:58 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-27 09:58 - 2006-11-02 14:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 09:58 - 2006-11-02 14:47 - 00004784 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 09:57 - 2009-04-29 02:08 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-09-27 09:57 - 2006-11-02 15:01 - 00032636 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-27 00:44 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-09-27 00:44 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-09-27 00:41 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-09-27 00:18 - 2009-06-27 18:23 - 00105976 _____ () C:\Users\sj\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-27 00:17 - 2006-11-02 14:47 - 00408952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-26 22:50 - 2013-12-06 15:03 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-26 22:50 - 2013-04-15 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-26 22:50 - 2009-06-27 18:22 - 00000929 _____ () C:\Users\sj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-26 22:50 - 2009-06-27 18:19 - 00000000 ____D () C:\Users\sj
2014-09-26 20:23 - 2013-04-15 23:01 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-26 20:23 - 2013-04-15 23:01 - 00001086 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-26 08:25 - 2013-10-28 01:08 - 00042676 _____ () C:\Users\sj\Desktop\Emailliste NEU.odt
2014-09-25 21:20 - 2014-04-21 10:33 - 00000000 ____D () C:\Windows\Minidump
2014-09-25 00:21 - 2013-04-15 23:03 - 00001923 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 00:16 - 2013-12-06 15:03 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-25 00:10 - 2013-04-16 23:04 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-25 00:10 - 2013-04-16 23:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-24 23:59 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-09-24 23:49 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-09-24 23:31 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-24 23:27 - 2014-08-07 15:04 - 00001833 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-24 23:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-09-24 23:25 - 2006-11-02 12:22 - 47972352 _____ () C:\Windows\system32\config\software_previous
2014-09-24 23:25 - 2006-11-02 12:22 - 41943040 _____ () C:\Windows\system32\config\components_previous
2014-09-24 23:25 - 2006-11-02 12:22 - 41156608 _____ () C:\Windows\system32\config\system_previous
2014-09-24 23:25 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-09-24 23:25 - 2006-11-02 12:22 - 00061440 _____ () C:\Windows\system32\config\sam_previous
2014-09-24 23:25 - 2006-11-02 12:22 - 00028672 _____ () C:\Windows\system32\config\security_previous
2014-09-24 23:24 - 2014-08-01 10:26 - 00000000 ____D () C:\Users\sj\Downloads\hallo_files
2014-09-24 23:24 - 2014-08-01 10:25 - 00000000 ____D () C:\Users\sj\Downloads\for me – mit freundlicher Empfehlung von P&G Ideen, Tipps, Rezepte & Gratis-Produkte_files
2014-09-24 23:24 - 2014-05-09 00:38 - 00000000 ___SD () C:\Users\sj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
2014-09-24 23:24 - 2014-02-07 01:13 - 00000000 ____D () C:\Users\sj\AppData\Roaming\vlc
2014-09-24 23:24 - 2013-11-23 23:09 - 00000000 ____D () C:\Users\sj\Bild Steuer 2013
2014-09-24 23:24 - 2013-11-04 21:17 - 00000000 ___RD () C:\Users\sj\rempnp
2014-09-24 23:24 - 2013-11-04 21:14 - 00000000 ____D () C:\Users\sj\Downloads\rempnp
2014-09-24 23:24 - 2013-10-26 01:43 - 00000000 ____D () C:\Users\sj\OpenOffice 4.0.1 (de) Installation Files
2014-09-24 23:24 - 2013-10-14 19:25 - 00000000 ____D () C:\Users\sj\Bild.Steuer.2013.German-iND
2014-09-24 23:24 - 2013-09-10 22:16 - 00000000 ____D () C:\Users\sj\AppData\Local\gtk-2.0
2014-09-24 23:24 - 2013-07-30 00:49 - 00000000 ____D () C:\Users\sj\AppData\Roaming\LavFilters
2014-09-24 23:24 - 2013-07-30 00:49 - 00000000 ____D () C:\Users\sj\AppData\Roaming\CDXReader
2014-09-24 23:24 - 2013-04-30 20:13 - 00000000 ____D () C:\Users\sj\OpenOffice.org 3.4.1 (de) Installation Files
2014-09-24 23:24 - 2013-04-28 20:38 - 00000000 ____D () C:\Users\sj\Downloads\TaskbarPP12 (1)
2014-09-24 23:24 - 2013-04-15 22:57 - 00000000 ____D () C:\Users\sj\AppData\Roaming\Thunderbird
2014-09-24 23:24 - 2009-06-27 18:21 - 00000000 ____D () C:\Users\sj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-09-24 23:24 - 2009-06-27 18:19 - 00000000 ___RD () C:\Users\sj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-24 23:24 - 2009-06-27 18:19 - 00000000 ___RD () C:\Users\sj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-24 23:24 - 2009-04-28 10:21 - 00000000 ____D () C:\Windows\VMC326
2014-09-24 23:24 - 2006-11-02 13:18 - 00000000 __RSD () C:\Windows\Media
2014-09-24 23:24 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-09-24 23:24 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-09-24 19:42 - 2014-08-02 16:24 - 00000000 ____D () C:\Users\sj\AppData\Local\Paint.NET
2014-09-20 10:20 - 2014-08-08 22:22 - 00000000 ____D () C:\Users\sj\Desktop\Coupons
2014-09-13 15:01 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-13 03:12 - 2013-08-21 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 03:04 - 2006-11-02 12:24 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-13 03:01 - 2006-11-02 12:33 - 01691248 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 20:40 - 2014-08-02 00:25 - 00000000 ____D () C:\Users\sj\Documents\PDF Files
2014-09-05 08:42 - 2014-08-04 18:34 - 00000638 _____ () C:\Users\sj\Desktop\cashback.txt
2014-09-03 09:31 - 2013-11-09 21:26 - 00000000 ____D () C:\Users\sj\AppData\Roaming\Epson
2014-09-02 13:20 - 2014-04-08 08:53 - 00034533 _____ () C:\Users\sj\Documents\Unbenannt 1.odt

Files to move or delete:
====================
C:\Users\sj\SpeedAutoClicker.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-27 10:04

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-09-2014
Ran by sj at 2014-09-27 10:50:00
Running from C:\Users\sj\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.4518.1014 - Microsoft Corporation)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adblock Plus for IE (32-bit) (HKLM\...\{4653FE0D-2762-41B6-A757-8C4F00B790C3}) (Version: 1.0 - Eyeo GmbH)
Adblock Plus for IE (HKLM\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Anleitung für Epson Connect (HKLM\...\Epson Connect Guide) (Version: - )
Any Video Converter 5.5.5 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Atheros WLAN Client (HKLM\...\{04983D37-2202-4295-94A2-8B547C66133F}) (Version: 1.00.000 - )
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
BatteryLifeExtender (HKLM\...\{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}) (Version: 1.0.0 - Samsung)
BILD-Steuer 2013 (HKLM\...\{33030435-243F-4111-BD25-C6A447E8A84F}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Burn4Free DVD Burning 6.6.0.0 (HKLM\...\Burn4Free DVD Burning_is1) (Version: - Ikysasoft s.r.l. uninominale)
Business Contact Manager für Outlook 2007 SP1 (HKLM\...\Business Contact Manager) (Version: 3.0.7311.0 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP1 (Version: 3.0.7311.0 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0312.2223.38381 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2706 - CyberLink Corp.)
CyberLink YouCam (Version: 2.0.2706 - CyberLink Corp.) Hidden
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Druckerdeinstallation für EPSON WF-3540 Series (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation)
Easy Battery Manager (HKLM\...\{6F730513-8688-4C3C-90A3-6B9792CE2EF3}) (Version: 3.2.1.7 - Samsung)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 2.3 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{A7581D39-EA20-4883-A480-80C21047052B}) (Version: 4.0.2 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.0.2.4 - )
Epson Benutzerhandbuch WF-3540 Series (HKLM\...\WF-3540 Series Useg) (Version: - )
Epson Event Manager (HKLM\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch WF-3540 Series (HKLM\...\WF-3540 Series Netg) (Version: - )
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
GhostMouse (HKLM\...\GhostMouse_is1) (Version: Free V3.2.1 - ghost-mouse.com)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
imagine digital freedom - Samsung (HKLM\...\{8E106A57-A17E-431D-B48F-175E42EB9F74}) (Version: 1.0.2.2 - Samsung Electronics Co. Ltd.,)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D2777D85-7E63-402F-A5E7-2AF436C1C9D4}) (Version: 12.01.2000 - Intel(R) Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.45.3.3 - Marvell)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.1.2047.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.1.0 (x86 de)) (Version: 24.1.0 - Mozilla)
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
OpenOffice 4.1.0 (HKLM\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
Passbild-Generator v3.6b (HKLM\...\Passbild-Generator_is1) (Version: - Passbild-Generator)
Pazera Free MP4 to AVI Converter 1.8 (HKLM\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.8 - Pazera Jacek)
PCTroubleshooting (HKLM\...\{68CAE442-579C-4D84-AA5F-253852522ED5}) (Version: 2.0.0.3 - Samsung Electronics Co.,LTD.)
PDF Experte 9 Ultimate (HKLM\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 9.00.0.0 - Avanquest Software)
Pixum Fotobuch (HKLM\...\Pixum Fotobuch) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Realtek HDMI Audio Driver for ATI (HKLM\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{46710AEB-ACE9-4386-9DFB-8B65153BFA74}) (Version: 1.02.0085 - REALTEK Semiconductor Corp.)
RoboForm 7-9-7-5 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-7-5 - Siber Systems)
Samsung AllShare (HKLM\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magic Doctor (HKLM\...\{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}) (Version: 5.0 - Samsung Electronics Co., LTD)
Samsung Recovery Solution III (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 3.0.0.8 - Samsung)
Samsung Update Plus (HKLM\...\InstallShield_{A5F483F0-2D79-4FCA-AE09-D0D96E23EBF7}) (Version: 2.0 - Samsung Electronics Co., LTD)
Samsung Update Plus (Version: 2.0 - Samsung Electronics Co., LTD) Hidden
Software Updater (HKLM\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.2 - Synaptics)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.245 - TuneUp Software) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.2047.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Office 2007 (KB934528) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{2B939677-2FFD-48F6-9075-7BF48CB87C80}) (Version: - )
Update for Office System 2007 Setup (KB929722) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}) (Version: - )
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{090746F9-9F39-42C0-920A-4852C2EDE704}\InprocServer32 -> C:\Program Files\Avanquest\PDF Experte 9 Ultimate\APAX.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{A0203CED-CEA4-4A75-AC36-D3A3230E01DF}\InprocServer32 -> C:\Program Files\Avanquest\PDF Experte 9 Ultimate\APAX.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2438687746-3058713467-3671330042-1003_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)

==================== Restore Points =========================

26-09-2014 21:34:53 Ende der Bereinigung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2014-09-27 00:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09575AB0-1723-4DDA-AD53-2870EEC03B0C} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMLJMJOJPMGMJMLMLJCNJJIMKJOJCNLMMJLMMMCNGMPMNJHMCNGMMMKMLMIMNMGMNJOMJMJJKMJNJICMIMCNGMCNIMFMGMCNPMCNHMOMOMNMFMJMCNPMCNJMPMPMNMCNNMJNPI CMOMFMMJBJKJLIMJFMLMMMLMJNHICMEKMICNJJCKJNBJCMMIFJJNKJCMFIOJBJLJKJNIAKMIOJNJNIGJBJOJPLIIKJNJBNLJKJJNNICMJNDJCMLJKJJNMJCMLMFMNMNMHMFMPMJNFICMGJLJKJBJLI GJLIGJKJMIBNKJHIKJ"
Task: {0F584E2F-5A44-4515-A793-7D3E61E5D97B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {0FB6215C-76C2-48AF-B40A-5A7A4483D400} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {13E12F46-D6B5-4366-B2AF-FE88AAB7A35E} - \WSE_Astromenda No Task File <==== ATTENTION
Task: {17B9910A-3476-4D63-92A5-AF0C1F9BA3D9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-07] (AVAST Software)
Task: {1845D226-FF69-4C13-9FFB-0E6D53EE23A2} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-11 No Task File <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E108FDB-DCCA-4A68-8CD1-0495598C3A36} - \0d350773-89d9-4b6f-8763-686beb483068 No Task File <==== ATTENTION
Task: {2093A143-4EA9-412F-B01C-67CE929DBEED} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-03-20] (Samsung Electronics Co., Ltd.)
Task: {2FF9BCD1-2966-48C5-97EF-6197969C2BDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-15] (Google Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {328D2593-7AEE-4107-A058-627486C66DAD} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {38D51A1E-AD4C-4EA1-8C38-F87117F45032} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-4 No Task File <==== ATTENTION
Task: {3903AB13-728A-4384-A9F5-2DE1486792CD} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-5 No Task File <==== ATTENTION
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3C95D3BC-C99B-4FC4-A117-F621173A3A96} - \c42520a5-47f4-4735-a9b4-a21f5cd15466 No Task File <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4BAD325C-4C26-47C1-8380-26603DBE23AD} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-1 No Task File <==== ATTENTION
Task: {4EC8F361-EC12-48E9-9C56-837ED01DFA32} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {570B1DE1-33B7-4315-BCA0-A269B763F199} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-03-13] (Samsung Electronics. Co. Ltd.)
Task: {5BF1AD37-108C-4B77-B09A-9C076538E46F} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {5E66BC8D-8B26-41AB-8F09-314E757549A8} - System32\Tasks\SamsungMagicDoctor => C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe [2008-08-26] (Samsung Electronics Co., Ltd.)
Task: {6CDA04F1-DB5B-4DF1-9191-78308A9D0FBE} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {71BD8784-9945-4C30-AD0B-6522A060A8C1} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-02-16] (Samsung Electronics Co., Ltd.)
Task: {7569CEA2-AF9E-4462-B1FC-D1B01AAC7073} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-3 No Task File <==== ATTENTION
Task: {7B3C1EA3-3AF4-4D6C-9557-7CE8D56516B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-15] (Google Inc.)
Task: {7BFA909B-032D-486D-94F2-3595083A7EF6} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-7 No Task File <==== ATTENTION
Task: {826A5460-BD0E-49FB-BEAD-50F43464141C} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe [2008-12-10] (SAMSUNG Electronics co., LTD.)
Task: {890EA565-6694-451E-AABE-B4E8DF43D775} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {909B339F-2CCC-4D29-966A-F2F4F098508E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-06-23] (Siber Systems)
Task: {9E3B1C7D-D60D-4513-AC3D-BF796783FF10} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-6 No Task File <==== ATTENTION
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {C024F8A4-9DE5-40F6-A0B3-145E6FD790BB} - \ASP No Task File <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EA1502AC-1DA5-4A28-A78A-264049B6A350} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-5_user No Task File <==== ATTENTION
Task: {F867D0F7-C30E-4E3F-9E9C-A38DC7D66DD0} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {FD250501-2C48-4821-B9EF-B338B2FFADD1} - \26ac648b-fd58-4e8b-9d62-df35e50afc7f-2 No Task File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-16 12:42 - 2014-08-07 15:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-26 22:55 - 2014-09-26 22:55 - 02867200 _____ () C:\Program Files\AVAST Software\Avast\defs\14092602\algo.dll
2009-04-28 10:24 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\SAMSUNG\EasySpeedUpManager\HookDllPS2.dll
2009-04-28 10:25 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll
2009-04-28 10:25 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2009-04-28 10:20 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SYSTEM32\Rezip.exe
2013-11-19 21:27 - 2014-08-07 15:04 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-28 10:37 - 2014-01-28 10:37 - 00607032 _____ () C:\Program Files\TuneUp Utilities 2013\avgreplibx.dll
2008-05-30 06:51 - 2008-03-09 12:12 - 00240640 _____ () C:\Program Files\ac'tivAid\AutoHotkey\AutoHotkey.exe
2013-12-06 15:03 - 2014-05-11 01:03 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\sj\Downloads\email_10773_20131014093430.eml:OECustomProperty
AlternateDataStreams: C:\Users\sj\Downloads\email_10773_20131014093434.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\pcwatch.sys => ""="Driver" <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\pcwatch.sys => ""="Driver" <==== ATTENTION

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-2438687746-3058713467-3671330042-500 - Disabled - Status: Degraded)
Gast (S-1-5-21-2438687746-3058713467-3671330042-501 - Enabled - Status: OK)
sj (S-1-5-21-2438687746-3058713467-3671330042-1003 - Enabled - Status: OK) => C:\Users\sj

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2014 09:58:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/27/2014 09:58:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung taskeng.exe, Version 6.0.6002.18342, Zeitstempel 0x4cd2e07b, fehlerhaftes Modul igfxTMM.dll, Version 1.0.0.1, Zeitstempel 0x4549bd05, Ausnahmecode 0xc0000005, Fehleroffset 0x00005317,
Prozess-ID 0x8a0, Anwendungsstartzeit taskeng.exe0.

Error: (09/27/2014 09:56:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/27/2014 09:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung taskeng.exe, Version 6.0.6002.18342, Zeitstempel 0x4cd2e07b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x53cd1cdf,
Prozess-ID 0x64c, Anwendungsstartzeit taskeng.exe0.

Error: (09/27/2014 00:58:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/27/2014 00:58:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung taskeng.exe, Version 6.0.6002.18342, Zeitstempel 0x4cd2e07b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x23c6f3dc,
Prozess-ID 0x218, Anwendungsstartzeit taskeng.exe0.

Error: (09/27/2014 00:19:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/27/2014 00:18:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung taskeng.exe, Version 6.0.6002.18342, Zeitstempel 0x4cd2e07b, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x45020fc8,
Prozess-ID 0x630, Anwendungsstartzeit taskeng.exe0.

Error: (09/26/2014 11:34:53 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.

Vorgang:
Generatordaten werden gesammelt

Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {97416b11-57bf-4d49-b912-da4127bc31e6}

Error: (09/26/2014 11:32:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (09/27/2014 09:59:31 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (09/27/2014 09:58:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (09/27/2014 09:57:21 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (09/27/2014 09:56:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (09/27/2014 09:50:53 AM) (Source: DCOM) (EventID: 10016) (User: sj-PC)
Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}sj-PCsjS-1-5-21-2438687746-3058713467-3671330042-1003LocalHost (unter Verwendung von LRPC)

Error: (09/27/2014 00:59:35 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (09/27/2014 00:58:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (09/27/2014 00:41:15 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart

Error: (09/27/2014 00:36:00 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart

Error: (09/27/2014 00:31:16 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: PEVSystemStart

Microsoft Office Sessions:
=========================
Error: (04/30/2013 08:04:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 20 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/30/2013 07:57:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/30/2013 07:57:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 112 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/30/2013 07:55:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 336312 seconds with 3540 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2014-09-27 10:49:49.044
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:48.608
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:48.171
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:47.750
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:47.094
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:46.642
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:46.190
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 10:49:45.768
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 00:32:32.341
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-09-27 00:32:31.905
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 47%
Total physical RAM: 3035.88 MB
Available physical RAM: 1589.45 MB
Total Pagefile: 7047.27 MB
Available Pagefile: 5636.53 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:101.22 GB) (Free:43.4 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:13.02 GB) (Free:12.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 81164B3F)
Partition 1: (Not Active) - (Size=5 GB) - (Type=12)
Partition 2: (Active) - (Size=101.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 27.09.2014, 16:16

Hi,

Adware/Junkware/Toolbars entfernen

1. Schritt: Malwarebytes

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

(alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!)

2. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Pc langsam

Plagegeister aller Art und deren Bekämpfung: Pc langsam

Pc langsam

Pc langsam

Ähnliche Themen: Pc langsam