Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar

Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar


Log-Analyse und Auswertung: Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 08.10.2014, 12:24   #1
nolibu
 
Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar - Standard

Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar


Hallo, ich habe folgendes Problem:
(Ich bin übrigens ein ganz schöner Leihe was windows und vieren angeht, da ich bis vor kurzem mac-user war)

Ich war letze Woche nach einer bestimmten Schriftart, die ich dann auch downloaden wollte.
Nach dem Klick auf "dowload" wurde aber keine .ttf datei heruntergeladen, sondern eine .exe . Das kam mir schon sehr komisch vor und habe das dann gleich gelöscht.
nachdem ich dann in meinen chrome browser zurück gekehrt bin, kam nichtmehr meine gewohnte startseite, sondern mysearch.com .
daraufhin habe ich meine softwareprogramme überprüft und festgestellt das da programme installiert wurden, die ich nie wollte. habe diese dann deinstalliert und im browser die startseite geändert.
Nichts half. die seite wurde immer wieder aufgerufen.
Nach einiger recherche bin ich auf stopzilla gestoßen. Dieses Antivieren-Programm soll wohl solche Fehler beheben.
Insalliert, trojaner gefunden und dateien repariert.
Jetzt ist mein rechner immernoch sehr lahm und youtube viedeos lassen sich nicht mehr abspielen (die auf vimeo hingegen schon)
Bitte helft mir mein 1,5monate alten rechner zu reinigen.
Vielen dank schonmal im voraus

hier die log dateien:

defogger_disable:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:40 on 08/10/2014 (Nora)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01
Ran by Nora (administrator) on NORA-PC on 08-10-2014 12:43:15
Running from C:\Users\Nora\Desktop
Loaded Profile: Nora (Available profiles: Nora)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(iS3, Inc.) C:\Program Files (x86)\STOPzilla!\SZServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\Wacom\Inkling Sketch Manager\SketchManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(iS3, Inc.) C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe InDesign CC 2014\InDesign.exe
() C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2014\Required\DynamicLinkMediaServer\32\dynamiclinkmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Nora\Desktop\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sketchmanager] => C:\Program Files (x86)\Wacom\Inkling Sketch Manager\SketchManager.exe [3659776 2011-08-01] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\Run: [HP Photosmart 5510d series (NET)] => C:\Program Files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day0] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day1] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day2] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day3] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day4] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day5] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\RunOnce: [AsrOMG_Day6] => [X]
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\...\MountPoints2: {e83246c6-3f06-11e4-bf43-d050990f6245} - I:\HTC_Sync_Manager_PC.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\Nora\AppData\Roaming\TornTV.com\Torntv Downloader.exe (No File)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49230;https=127.0.0.1:49230
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBEA114CFD5C2CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe www.mystartsearch.com/?type=sc&ts=1412158587&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\d1kkyj5v.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\d1kkyj5v.default\user.js
FF Extension: {{EXT_NAME}} - C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\d1kkyj5v.default\Extensions\jid0-4deOYiOeBrYfBB9hS3xTnGoKZC4@jetpack [2014-10-06]
FF Extension: {{EXT_NAME}} - C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\d1kkyj5v.default\Extensions\rememberpass@teesoft.info [2014-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-09-03]
FF Extension: No Name - C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\d1kkyj5v.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Nora\AppData\Roaming\Mozilla\Firefox\Profiles\d1kkyj5v.default\extensions\6cfae8cc4676442fa78d9dcdf@bd4ea874e76d4af1994ba.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-01]
CHR Extension: (Google Docs) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-01]
CHR Extension: (Google Drive) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-01]
CHR Extension: (YouTube) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-01]
CHR Extension: (Google-Suche) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-01]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-10-01]
CHR Extension: (Google Tabellen) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-01]
CHR Extension: (AdBlock) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-01]
CHR Extension: (Cut the Rope) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2014-10-01]
CHR Extension: (Slinky Klassik) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfjhlpgahgkpncekpdkgfoeppikldble [2014-10-01]
CHR Extension: (Google Wallet) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-01]
CHR Extension: (Quick start) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-10-02]
CHR Extension: (Google Mail) - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-01]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-10-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASRockIOMon; C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 szserver; C:\Program Files (x86)\STOPzilla!\SZServer.exe [57136 2014-08-27] (iS3, Inc.)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-08-28] (ASRock Incorporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-09] (ASRock Inc.)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-01] (Intel Corporation)
S0 is3srv; C:\Windows\SysWow64\drivers\is3srv64.sys [74768 2014-08-27] (iS3 Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R0 szkg5; C:\Windows\SysWow64\DRIVERS\szkg64.sys [74768 2014-08-27] (iS3 Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 12:43 - 2014-10-08 12:43 - 00022564 _____ () C:\Users\Nora\Desktop\FRST.txt
2014-10-08 12:43 - 2014-10-08 12:43 - 00000000 ____D () C:\FRST
2014-10-08 12:42 - 2014-10-08 12:42 - 02109952 _____ (Farbar) C:\Users\Nora\Desktop\FRST64.exe
2014-10-08 12:40 - 2014-10-08 12:40 - 00000470 _____ () C:\Users\Nora\Desktop\defogger_disable.log
2014-10-08 12:40 - 2014-10-08 12:40 - 00000000 _____ () C:\Users\Nora\defogger_reenable
2014-10-08 12:39 - 2014-10-08 12:39 - 00050477 _____ () C:\Users\Nora\Desktop\Defogger.exe
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 _____ () C:\Windows\system32\Drivers\kgpfr2.cfg
2014-10-08 09:16 - 2014-10-08 09:16 - 00000912 _____ () C:\Windows\SysWOW64\Drivers\kgpcpy.cfg
2014-10-06 09:55 - 2014-10-06 09:55 - 00003144 _____ () C:\Windows\System32\Tasks\{41FB9295-72EC-44D8-9D3D-91B5A78E02DF}
2014-10-06 08:47 - 2014-10-06 08:47 - 00000016 _____ () C:\Windows\system32\mrt.exe.szfi
2014-10-02 15:42 - 2014-10-06 09:56 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\337Games
2014-10-02 15:42 - 2014-10-02 15:42 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\SupTab
2014-10-02 15:41 - 2014-10-02 15:42 - 00000000 ____D () C:\Users\Nora\AppData\Local\Genesis_10021341
2014-10-02 15:41 - 2014-10-02 15:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-10-02 15:41 - 2014-10-02 15:41 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\GoforFiles
2014-10-01 13:33 - 2014-10-08 10:30 - 00004322 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-10-01 13:33 - 2014-10-08 10:30 - 00003536 _____ () C:\Windows\System32\Tasks\RocketTab
2014-10-01 13:33 - 2014-10-08 10:30 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2014-10-01 13:19 - 2014-10-01 13:19 - 00000000 ____D () C:\Users\Nora\AppData\Local\Microsoft Games
2014-10-01 13:03 - 2014-10-07 11:39 - 00000016 _____ () C:\Windows\system32\config\software.szfi
2014-10-01 12:58 - 2014-10-01 15:11 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-10-01 12:56 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2014-10-01 12:53 - 2014-10-08 12:43 - 00000000 ____D () C:\ProgramData\STOPzilla!
2014-10-01 12:53 - 2014-10-08 12:38 - 00003576 _____ () C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2014-10-01 12:53 - 2014-10-08 10:30 - 00000480 _____ () C:\Windows\system32\Drivers\kgpcpy.cfg
2014-10-01 12:53 - 2014-10-08 09:20 - 00000000 ____D () C:\Program Files (x86)\STOPzilla!
2014-10-01 12:53 - 2014-10-01 12:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
2014-10-01 12:53 - 2014-08-27 13:30 - 00082872 ____R (GFI Software) C:\Windows\system32\Drivers\sbapifs.sys
2014-10-01 12:53 - 2014-08-27 13:30 - 00047496 ____R (GFI Software) C:\Windows\system32\SBBD.EXE
2014-10-01 12:52 - 2014-10-01 12:52 - 00707664 _____ (iS3, Inc.) C:\Users\Nora\Downloads\SZSetup_AID10121_AV.exe
2014-10-01 12:49 - 2014-10-01 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-01 12:48 - 2014-10-08 11:53 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-01 12:48 - 2014-10-08 10:30 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-01 12:48 - 2014-10-01 12:48 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-01 12:48 - 2014-10-01 12:48 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-01 12:48 - 2014-10-01 12:48 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-01 12:19 - 2014-10-01 12:19 - 00000000 ____D () C:\ProgramData\374311380
2014-10-01 12:17 - 2014-10-08 10:08 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-01 12:17 - 2014-10-08 09:56 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-01 12:17 - 2014-10-01 12:17 - 00000000 ____D () C:\Users\Nora\Documents\Optimizer Pro
2014-10-01 12:15 - 2014-10-02 12:23 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-01 12:15 - 2014-10-01 12:15 - 00000000 ____D () C:\Users\Nora\AppData\Local\globalUpdate
2014-10-01 08:41 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 08:41 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 14:58 - 2014-09-10 00:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-29 14:58 - 2014-09-09 23:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-19 18:02 - 2014-09-19 18:02 - 00000000 ____D () C:\Users\Nora\AppData\Local\Encryptomatic,_LLC
2014-09-19 17:54 - 2014-09-19 17:54 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\IsolatedStorage
2014-09-19 17:54 - 2014-09-19 17:54 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-09-19 17:53 - 2014-09-19 17:53 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\Encryptomatic, LLC
2014-09-19 17:32 - 2014-09-19 17:32 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
2014-09-19 17:32 - 2014-09-19 17:32 - 00000000 ____D () C:\adobeTemp
2014-09-19 17:09 - 2014-09-19 17:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-19 17:09 - 2014-09-19 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-18 11:08 - 2014-09-18 11:08 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\EDrawings
2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Program Files\iPod
2014-09-12 09:15 - 2014-09-12 09:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-11 17:04 - 2014-09-11 17:04 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-11 15:38 - 2014-09-11 15:38 - 00000000 ____D () C:\Users\Nora\Documents\Smart PC Cleaner
2014-09-11 15:35 - 2010-03-15 12:31 - 00165376 _____ () C:\Windows\SysWOW64\unrar.dll
2014-09-11 15:33 - 2014-09-19 17:44 - 00000000 ____D () C:\ProgramData\Norton
2014-09-11 15:32 - 2014-09-11 15:32 - 00000000 ____D () C:\ProgramData\APN
2014-09-10 21:36 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 21:36 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 21:36 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 21:36 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 21:36 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 21:36 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 21:36 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 21:36 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 21:36 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 21:36 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 21:36 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 21:36 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 21:36 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 21:36 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 21:36 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 21:36 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 21:36 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 21:36 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 21:36 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 21:36 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 21:36 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 21:36 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 21:36 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 21:36 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 21:36 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 21:36 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 21:36 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 21:36 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 21:36 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 21:36 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 21:36 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 21:36 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 21:36 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 21:36 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 21:36 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 21:36 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 21:36 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 21:36 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 21:36 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 21:36 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 21:36 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 21:36 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 21:36 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 21:36 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 21:36 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 21:36 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 21:36 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 21:36 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 21:36 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 21:36 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 21:36 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 21:36 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 21:36 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 21:36 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 21:36 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 21:36 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 21:34 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 21:34 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:44 - 2014-09-10 20:44 - 00000000 ____D () C:\Users\Nora\AppData\Local\Peter_Upfold
2014-09-10 13:13 - 2014-09-10 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-09-10 13:13 - 2014-09-10 13:13 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-09-10 10:00 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 10:00 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 10:00 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 10:00 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 10:00 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 10:00 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-08 17:49 - 2014-09-08 17:49 - 00002196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkling Sketch Manager.lnk
2014-09-08 17:49 - 2014-09-08 17:49 - 00002186 _____ () C:\Users\Public\Desktop\Inkling Sketch Manager.lnk
2014-09-08 17:49 - 2014-09-08 17:49 - 00000000 ____D () C:\Users\Nora\Documents\My Sketches
2014-09-08 17:49 - 2014-09-08 17:49 - 00000000 ____D () C:\Users\Nora\AppData\Local\Inkling
2014-09-08 17:49 - 2014-09-08 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Inkling
2014-09-08 17:49 - 2014-09-08 17:49 - 00000000 ____D () C:\Program Files (x86)\Wacom
2014-09-08 17:48 - 2014-09-08 17:48 - 00000000 ____D () C:\Users\Nora\AppData\Local\Downloaded Installations
2014-09-08 14:35 - 2014-09-08 14:35 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\com.adobe.dmp.contentviewer
2014-09-08 13:55 - 2014-09-08 13:55 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\Mozilla
2014-09-08 13:55 - 2014-09-08 13:55 - 00000000 ____D () C:\Users\Nora\AppData\Local\Mozilla
2014-09-08 13:55 - 2014-09-08 13:55 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-08 09:44 - 2014-09-08 09:46 - 00000000 ____D () C:\GIGABYTE FORCE
2014-09-08 09:44 - 2014-09-08 09:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE FORCE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 12:40 - 2014-08-28 17:28 - 00000000 ____D () C:\Users\Nora
2014-10-08 12:20 - 2014-08-28 17:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 12:17 - 2014-09-01 10:03 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared
2014-10-08 12:17 - 2014-09-01 10:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-08 11:52 - 2014-09-01 10:00 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\SolidWorks
2014-10-08 10:37 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 10:37 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 10:34 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-10-08 10:34 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-10-08 10:34 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-08 10:33 - 2014-08-28 17:28 - 01284091 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 10:30 - 2014-09-01 08:21 - 00000000 ___RD () C:\Users\Nora\Dropbox
2014-10-08 10:30 - 2014-09-01 08:20 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\Dropbox
2014-10-08 10:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 10:30 - 2009-07-14 06:51 - 00039841 _____ () C:\Windows\setupact.log
2014-10-08 10:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-08 10:07 - 2014-09-01 08:20 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\Skype
2014-10-08 09:55 - 2014-09-04 21:18 - 00000034 _____ () C:\Users\Nora\AppData\Roaming\AdobeWLCMCache.dat
2014-10-08 09:15 - 2014-09-01 09:59 - 00000000 ____D () C:\Users\Nora\AppData\Local\Adobe
2014-10-08 09:05 - 2010-11-21 05:47 - 00033262 _____ () C:\Windows\PFRO.log
2014-10-07 17:16 - 2014-08-28 17:53 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-07 17:16 - 2014-08-28 17:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-07 17:16 - 2014-08-28 17:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-06 09:56 - 2014-08-28 17:32 - 00001421 _____ () C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-02 11:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-01 15:11 - 2014-08-28 17:34 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-10-01 12:58 - 2014-08-28 17:34 - 00000000 ____D () C:\ProgramData\Intel
2014-10-01 12:49 - 2014-08-28 18:01 - 00000000 ____D () C:\Users\Nora\AppData\Local\Google
2014-10-01 12:48 - 2014-08-28 18:01 - 00000000 ____D () C:\Users\Nora\AppData\Local\Deployment
2014-10-01 12:42 - 2009-07-14 06:45 - 05091120 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-01 12:01 - 2014-08-28 17:28 - 00089816 _____ () C:\Users\Nora\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-22 10:27 - 2014-09-01 10:12 - 00000000 ____D () C:\Users\Nora\AppData\Local\TempSWSicherungsverzeichnis
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-19 17:32 - 2014-09-01 09:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 17:09 - 2014-09-01 08:20 - 00000000 ____D () C:\ProgramData\Skype
2014-09-18 11:07 - 2014-09-01 10:06 - 00000000 ____D () C:\ProgramData\DassaultSystemes
2014-09-18 09:41 - 2014-09-01 09:51 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 09:40 - 2014-09-01 08:21 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-11 17:03 - 2014-09-04 16:02 - 00000000 ____D () C:\Users\Nora\AppData\Roaming\HpUpdate
2014-09-11 15:39 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-10 21:35 - 2014-08-28 18:02 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-10 21:35 - 2014-08-28 18:02 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-10 21:35 - 2014-08-28 18:02 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-10 21:35 - 2014-08-28 18:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-10 21:35 - 2014-08-28 18:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 21:34 - 2014-08-28 18:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 21:34 - 2014-08-16 14:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 18:15 - 2014-09-02 10:05 - 00000000 ____D () C:\Users\Nora\AppData\Local\Apple Computer
2014-09-08 14:36 - 2014-09-04 21:26 - 00000000 ____D () C:\Users\Nora\Documents\Adobe
2014-09-08 14:36 - 2014-09-04 21:12 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-08 12:39 - 2014-09-04 21:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe

Some content of TEMP:
====================
C:\Users\Nora\AppData\Local\Temp\0mDY7lrejP.exe
C:\Users\Nora\AppData\Local\Temp\AEVx6.dll
C:\Users\Nora\AppData\Local\Temp\AEVx6.exe
C:\Users\Nora\AppData\Local\Temp\ctKv3.exe
C:\Users\Nora\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqpn6v2.dll
C:\Users\Nora\AppData\Local\Temp\GwEBSvtukA.exe
C:\Users\Nora\AppData\Local\Temp\networkme1.exe
C:\Users\Nora\AppData\Local\Temp\rtDpKk7D2z.exe
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite10853.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite11007.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite26504.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite39543.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite44401.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite55996.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite62050.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite65943.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite67667.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite69013.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite69495.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite70639.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite77314.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite81504.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite95293.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite95590.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite95887.dll
C:\Users\Nora\AppData\Local\Temp\System.Data.SQLite96340.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 09:17

==================== End Of Log ============================
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014 01
Ran by Nora at 2014-10-08 12:43:31
Running from C:\Users\Nora\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: STOPzilla (Disabled - Up to date) {17032AB1-6644-0721-EEB5-A39B8B646009}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: STOPzilla (Disabled - Up to date) {AC62CB55-407E-08AF-D405-98E9F0E32AB4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2014 (HKLM-x32\...\{CCDCB9C4-72BA-1014-A3F8-D123F2F18BC2}) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{755DDD59-9690-4F1A-BE9C-D39BDCFA77C9}) (Version: 12.1.3.153 - Adobe Systems, Inc)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.3 - Adobe Systems, Incorporated) Hidden
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
AMD Accelerated Video Transcoding (Version: 13.30.100.40622 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B8FBE074-E2D4-3B7A-E14D-FF06D063DFCB}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD FirePro Control Center (x32 Version: 2014.0622.411.5604 - Ihr Firmenname) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
A-Tuning v2.0.47 (HKLM-x32\...\A-Tuning_is1) (Version: 2.0.47 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0622.411.5604 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0622.411.5604 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0622.411.5604 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2014.0622.411.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0622.0410.5604 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0622.411.5604 - Advanced Micro Devices, Inc.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
GIGABYTE FORCE Driver (HKLM-x32\...\GMouse) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
HP Photosmart 5510d series - Grundlegende Software für das Gerät (HKLM\...\{03680F90-8737-46AD-8274-37B451815144}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Inkling Sketch Manager (HKLM-x32\...\{2D0D4A16-6486-48B5-A9AA-92C93BE62802}) (Version: 1.01.64 - Wacom Co. Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (Version: 2.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (x32 Version: 8.0.50727.146 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
RocketTab (HKLM-x32\...\RocketTab) (Version:  - RocketTab) <==== ATTENTION
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
STOPzilla (HKLM-x32\...\{BD67AA4D-E8BC-45DD-9C4A-17BEAF1D8295}) (Version: 6.1.90.7 - iS3 Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{1819ED18-F0F6-41C3-B268-F8E11A8EAA99}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-161463653-1242974973-1445233186-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

18-09-2014 07:50:18 Windows Update
19-09-2014 15:53:41 Installed PSTViewer Pro
22-09-2014 06:49:03 Windows Update
29-09-2014 12:37:17 Windows Update
29-09-2014 13:58:43 Windows Update
01-10-2014 10:47:28 Removed PSTViewer Pro
01-10-2014 10:53:02 Installed STOPzilla
01-10-2014 13:11:00 Intel(R) Update Manager wird entfernt
01-10-2014 13:17:17 Windows Update
07-10-2014 06:48:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-01 12:53 - 00001092 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com 
127.0.0.1 activate.adobe.com
8.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4CA39504-05C4-4111-BB9D-E66B5C6AE329} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {55A41912-421B-4024-9609-E3631C0847E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-01] (Google Inc.)
Task: {7384CFA6-DFF1-4A14-B8C1-54F790B8C3D0} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\Search Extensions\uninstall.exe [2014-10-08] () <==== ATTENTION
Task: {BA5F6C6D-785F-498F-AB8F-9DAEBDC624B2} - System32\Tasks\AdobeAAMUpdater-1.0-Nora-PC-Nora => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {DAA83CF9-863F-4C6B-9348-4CA7326F0723} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-07] (Adobe Systems Incorporated)
Task: {F62C0134-61BB-4B8B-8E2F-E8D67859205C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F8A3744E-52A0-4EF4-8AFC-B45EC9265070} - System32\Tasks\RocketTab => C:\Windows\system32\cmd.exe [2010-11-21] (Microsoft Corporation) <==== ATTENTION
Task: {FCA333C6-F234-4EA5-83F5-F92FBBB49C9F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-01] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-08-28 17:35 - 2013-05-28 17:58 - 00454656 _____ () C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe
2011-08-01 10:24 - 2011-08-01 10:24 - 03659776 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\SketchManager.exe
2014-07-16 11:05 - 2014-07-16 11:05 - 05558432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-10-08 10:30 - 2014-10-08 10:30 - 01424616 _____ () C:\Program Files (x86)\Search Extensions\Client.exe
2014-05-02 13:12 - 2014-05-02 13:12 - 00095424 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASLSupport.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00266432 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\ASKLib.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00263360 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\AdamLib.dll
2014-05-02 13:12 - 2014-05-02 13:12 - 00073408 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\unihan.dll
2014-09-03 12:55 - 2014-09-03 12:55 - 00815104 _____ () C:\Program Files\Adobe\Adobe InDesign CC 2014\Utilities\adb.exe
2014-05-08 03:35 - 2014-05-08 03:35 - 00470728 _____ () C:\Program Files\Adobe\Adobe Photoshop CC 2014\aif_core.dll
2014-05-08 03:36 - 2014-05-08 03:36 - 02605256 _____ () C:\Program Files\Adobe\Adobe Photoshop CC 2014\aif_ogl.dll
2014-05-08 03:35 - 2014-05-08 03:35 - 00170184 _____ () C:\Program Files\Adobe\Adobe Photoshop CC 2014\aif_ocl.dll
2014-10-08 12:39 - 2014-10-08 12:39 - 00050477 _____ () C:\Users\Nora\Desktop\Defogger.exe
2014-10-01 12:56 - 2014-06-20 06:08 - 00192376 _____ () C:\ProgramData\STOPzilla!\VIPRE\libBase64.dll
2014-10-01 12:56 - 2014-06-20 06:08 - 00180088 _____ () C:\ProgramData\STOPzilla!\VIPRE\libMachoUniv.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-03 06:45 - 2014-07-03 06:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 02080256 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QtCore4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 07744000 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QtGui4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00334848 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QtXml4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00566784 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QxtGui.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00368640 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QxtCore.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00268800 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QtSvg4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00929280 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\QtNetwork4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00025600 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\imageformats\qgif4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00027648 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\imageformats\qico4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00119808 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\imageformats\qjpeg4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00220672 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\imageformats\qmng4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00017920 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\imageformats\qsvg4.dll
2010-10-07 11:51 - 2010-10-07 11:51 - 00278528 _____ () C:\Program Files (x86)\Wacom\Inkling Sketch Manager\imageformats\qtiff4.dll
2014-10-08 10:30 - 2014-10-08 10:30 - 00043008 _____ () c:\users\nora\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqpn6v2.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Nora\AppData\Roaming\Dropbox\bin\libcef.dll
2014-10-01 12:49 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-10-01 12:49 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-10-01 12:49 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-10-01 12:49 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-10-01 12:49 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2014-08-28 17:34 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

HKU\S-1-5-21-161463653-1242974973-1445233186-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-161463653-1242974973-1445233186-1000\Software\Classes\exefile:  <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-161463653-1242974973-1445233186-500 - Administrator - Disabled)
Gast (S-1-5-21-161463653-1242974973-1445233186-501 - Limited - Disabled)
Nora (S-1-5-21-161463653-1242974973-1445233186-1000 - Administrator - Enabled) => C:\Users\Nora

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/08/2014 10:32:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 10:28:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 10:10:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 09:34:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "NB (H:)" wurde aufgrund eines Fehlers nicht defragmentiert: Falscher Parameter. (0x80070057)

Error: (10/08/2014 09:34:19 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (10/08/2014 09:34:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (10/08/2014 09:07:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 11:25:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Beschreibung = STOPzilla Restore Point.; Fehler = 0x80042319).

Error: (10/06/2014 11:40:54 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (10/06/2014 11:40:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (10/08/2014 10:31:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (10/08/2014 10:31:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/08/2014 10:30:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
is3srv

Error: (10/08/2014 10:30:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/08/2014 10:27:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (10/08/2014 10:27:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (10/08/2014 10:26:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
is3srv

Error: (10/08/2014 10:26:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/08/2014 10:09:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (10/08/2014 10:09:38 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (10/08/2014 10:32:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 10:28:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 10:10:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2014 09:34:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: NB (H:)Falscher Parameter. (0x80070057)

Error: (10/08/2014 09:34:19 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files\solidworks corp\solidworks flow simulation\binCFW\reg_sasenv.exec:\program files\solidworks corp\solidworks flow simulation\binCFW\reg_sasenv.exe24

Error: (10/08/2014 09:34:12 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe

Error: (10/08/2014 09:07:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 11:25:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319

Error: (10/06/2014 11:40:54 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: c:\program files\solidworks corp\solidworks flow simulation\binCFW\reg_sasenv.exec:\program files\solidworks corp\solidworks flow simulation\binCFW\reg_sasenv.exe24

Error: (10/06/2014 11:40:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe


==================== Memory info =========================== 

Processor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Percentage of memory in use: 25%
Total physical RAM: 16313.62 MB
Available physical RAM: 12087.43 MB
Total Pagefile: 32625.42 MB
Available Pagefile: 26997.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:162.91 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:771.95 GB) NTFS
Drive f: (Maxor) (Fixed) (Total:465.75 GB) (Free:15.36 GB) exFAT
Drive h: (NB) (Fixed) (Total:465.65 GB) (Free:168.29 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 53E1713D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1632C4A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 3E4C2E58)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 56728CF2)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0B)

==================== End Of Log ============================
GMER:

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-08 12:56:40
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000063 Samsung_ rev.EXT0 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\Nora\AppData\Local\Temp\kxldqpow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\STOPzilla!\SZServer.exe[400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                        0000000077181465 2 bytes [18, 77]
.text    C:\Program Files (x86)\STOPzilla!\SZServer.exe[400] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                       00000000771814bb 2 bytes [18, 77]
.text    ...                                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[3440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                             0000000077181465 2 bytes [18, 77]
.text    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe[3440] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                            00000000771814bb 2 bytes [18, 77]
.text    ...                                                                                                                                                                                                                * 2
.text    C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe[3540] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                                                0000000077181465 2 bytes [18, 77]
.text    C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe[3540] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                                               00000000771814bb 2 bytes [18, 77]
.text    ...                                                                                                                                                                                                                * 2
.text    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[4372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                              0000000077181465 2 bytes [18, 77]
.text    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe[4372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                             00000000771814bb 2 bytes [18, 77]
.text    ...                                                                                                                                                                                                                * 2
---- Processes - GMER 2.1 ----

Library  C:\Users\Nora\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe [3540](2014-09-13 00:20:58)                                                0000000004000000
Library  c:\users\nora\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqpn6v2.dll (*** suspicious ***) @ C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe [3540](2014-10-08 08:30:20)  0000000004450000
Library  C:\Users\Nora\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe [3540](2013-08-23 19:01:44)                                                      0000000067fb0000
Library  C:\Users\Nora\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe [3540] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                        0000000067380000

---- Registry - GMER 2.1 ----

Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1A00FD6D-D8D8-5C86-294A-A7D78C6B8CF2}                                                                                                    
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1A00FD6D-D8D8-5C86-294A-A7D78C6B8CF2}@oaphfeaafjohaccdgonijgbgjcdmjc                                                                     0x6A 0x61 0x67 0x67 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1A00FD6D-D8D8-5C86-294A-A7D78C6B8CF2}@nabhppopoecbkcdkfamaopifghkp                                                                       0x6A 0x61 0x67 0x67 ...

---- EOF - GMER 2.1 ----

Alt 08.10.2014, 13:06   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar - Standard

Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar


hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    RocketTab


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________
Alt 08.10.2014, 13:56   #3
nolibu
 
Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar - Standard

Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar


Hallo,
danke schonmal für die schnelle Antwort. Ich habe deine Anweisungen befolgt. Der Scan verlief problemlos und Combofix hat folgende logdatei erstellt:

Code:
ATTFilter
ComboFix 14-10-04.01 - Nora 08.10.2014  14:43:21.1.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.16314.14157 [GMT 2:00]
ausgeführt von:: c:\users\Nora\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: STOPzilla *Disabled/Updated* {17032AB1-6644-0721-EEB5-A39B8B646009}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: STOPzilla *Disabled/Updated* {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\374311380
c:\programdata\374311380\BIT29C0.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-09-08 bis 2014-10-08  ))))))))))))))))))))))))))))))
.
.
2014-10-08 12:45 . 2014-10-08 12:45	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-10-08 12:33 . 2014-10-08 12:33	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-10-08 10:43 . 2014-10-08 10:43	--------	d-----w-	C:\FRST
2014-10-08 07:16 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{673AF206-3F16-4CBD-A5B5-63D6A7EFD5BD}\mpengine.dll
2014-10-07 06:48 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-02 13:42 . 2014-10-02 13:42	--------	d-----w-	c:\users\Nora\AppData\Roaming\SupTab
2014-10-02 13:42 . 2014-10-06 07:56	--------	d-----w-	c:\users\Nora\AppData\Roaming\337Games
2014-10-02 13:41 . 2014-10-02 13:41	--------	d-----w-	c:\users\Nora\AppData\Roaming\GoforFiles
2014-10-02 13:41 . 2014-10-02 13:42	--------	d-----w-	c:\users\Nora\AppData\Local\Genesis_10021341
2014-10-02 07:08 . 2014-09-17 06:26	1188440	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0BB2C406-5E2C-4001-A03A-E3BC12C8241F}\gapaengine.dll
2014-10-01 11:19 . 2014-10-01 11:19	--------	d-----w-	c:\users\Nora\AppData\Local\Microsoft Games
2014-10-01 10:58 . 2014-10-01 13:11	--------	d-----w-	c:\programdata\Intel(R) Update Manager
2014-10-01 10:56 . 2013-05-23 06:39	41032	----a-w-	c:\windows\system32\drivers\gfiark.sys
2014-10-01 10:53 . 2014-08-27 11:30	82872	----a-r-	c:\windows\system32\drivers\sbapifs.sys
2014-10-01 10:53 . 2014-08-27 11:30	47496	----a-r-	c:\windows\system32\SBBD.EXE
2014-10-01 10:53 . 2014-10-08 12:40	--------	d-----w-	c:\programdata\STOPzilla!
2014-10-01 10:53 . 2014-10-08 07:20	--------	d-----w-	c:\program files (x86)\STOPzilla!
2014-10-01 10:48 . 2014-10-01 10:48	--------	d-----w-	c:\program files (x86)\Google
2014-10-01 10:17 . 2014-10-08 08:08	--------	d-----w-	c:\programdata\IePluginServices
2014-10-01 10:17 . 2014-10-08 07:56	--------	d-----w-	c:\program files (x86)\SupTab
2014-10-01 10:15 . 2014-10-02 10:23	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-10-01 10:15 . 2014-10-01 10:15	--------	d-----w-	c:\users\Nora\AppData\Local\globalUpdate
2014-10-01 06:41 . 2014-09-25 02:08	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-10-01 06:41 . 2014-09-25 01:40	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-29 12:58 . 2014-09-09 22:18	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-29 12:58 . 2014-09-09 21:49	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-09-19 16:02 . 2014-09-19 16:02	--------	d-----w-	c:\users\Nora\AppData\Local\Encryptomatic,_LLC
2014-09-19 15:54 . 2014-09-19 15:54	--------	d-----w-	c:\users\Nora\AppData\Roaming\IsolatedStorage
2014-09-19 15:54 . 2014-09-19 15:54	--------	d-----w-	c:\programdata\IsolatedStorage
2014-09-19 15:53 . 2014-09-19 15:53	--------	d-----w-	c:\users\Nora\AppData\Roaming\Encryptomatic, LLC
2014-09-19 15:32 . 2014-09-19 15:32	--------	d-----w-	C:\adobeTemp
2014-09-19 15:09 . 2014-09-19 15:09	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-09-19 15:09 . 2014-09-19 15:09	--------	d-----r-	c:\program files (x86)\Skype
2014-09-18 09:08 . 2014-09-18 09:08	--------	d-----w-	c:\users\Nora\AppData\Roaming\EDrawings
2014-09-17 06:26 . 2014-09-17 06:26	1188440	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-12 09:43 . 2014-09-12 09:43	227728	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-09-12 07:15 . 2014-09-12 07:15	--------	d-----w-	c:\program files\iPod
2014-09-12 07:15 . 2014-09-12 07:15	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 07:15 . 2014-09-12 07:15	--------	d-----w-	c:\program files\iTunes
2014-09-12 07:15 . 2014-09-12 07:15	--------	d-----w-	c:\program files (x86)\iTunes
2014-09-11 13:42 . 2014-09-11 13:54	--------	d-----w-	c:\program files (x86)\Common Files\Symantec Shared
2014-09-11 13:35 . 2010-03-15 10:31	165376	----a-w-	c:\windows\SysWow64\unrar.dll
2014-09-11 13:33 . 2014-09-19 15:44	--------	d-----w-	c:\programdata\Norton
2014-09-11 13:32 . 2014-09-11 13:32	--------	d-----w-	c:\programdata\APN
2014-09-10 19:34 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-09-10 19:34 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-10 18:44 . 2014-09-10 18:44	--------	d-----w-	c:\users\Nora\AppData\Local\Peter_Upfold
2014-09-10 11:13 . 2014-09-10 11:13	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2014-09-10 11:13 . 2014-09-10 11:13	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2014-09-10 11:13 . 2014-09-10 11:13	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2014-09-10 11:13 . 2014-09-10 11:13	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2014-09-10 11:13 . 2014-09-10 11:13	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2014-09-10 11:13 . 2014-09-10 11:13	--------	d-----w-	c:\program files (x86)\QuickTime
2014-09-10 08:00 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-09-10 08:00 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-09-10 08:00 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-09-10 08:00 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-09-10 08:00 . 2014-09-05 02:10	578048	----a-w-	c:\windows\system32\aepdu.dll
2014-09-10 08:00 . 2014-09-05 02:05	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-09-08 15:49 . 2014-09-08 15:49	--------	d-----w-	c:\users\Nora\AppData\Local\Inkling
2014-09-08 15:49 . 2014-09-08 15:49	--------	d-----w-	c:\program files (x86)\Wacom
2014-09-08 15:48 . 2014-09-08 15:48	--------	d-----w-	c:\users\Nora\AppData\Local\Downloaded Installations
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-07 15:16 . 2014-08-28 15:53	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-07 15:16 . 2014-08-28 15:53	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-22 06:42 . 2010-11-21 03:27	278152	------w-	c:\windows\system32\MpSigStub.exe
2014-09-10 19:34 . 2014-08-28 16:01	101694776	----a-w-	c:\windows\system32\MRT.exe
2014-09-07 13:15 . 2014-09-03 10:37	18960	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2014-09-04 07:03 . 2014-08-28 15:51	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-09-04 07:03 . 2014-08-28 15:51	319912	----a-w-	c:\windows\system32\javaws.exe
2014-09-04 07:03 . 2014-08-28 15:51	191400	----a-w-	c:\windows\system32\javaw.exe
2014-09-04 07:03 . 2014-08-28 15:51	190888	----a-w-	c:\windows\system32\java.exe
2014-09-04 07:03 . 2014-08-28 15:51	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-28 16:03 . 2014-08-28 16:01	6010880	----a-w-	c:\program files (x86)\GUT30D0.tmp
2014-08-28 15:54 . 2014-08-28 15:54	1198049	----a-w-	c:\windows\unins000.exe
2014-08-28 15:35 . 2014-08-28 15:35	22280	----a-w-	c:\windows\SysWow64\drivers\AsrDrv101.sys
2014-08-27 11:30 . 2014-08-27 11:30	74768	----a-r-	c:\windows\SysWow64\drivers\SZKG64.sys
2014-08-27 11:30 . 2014-08-27 11:30	74768	----a-r-	c:\windows\SysWow64\drivers\is3srv64.sys
2014-08-23 02:07 . 2014-08-28 15:49	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 15:49	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 15:49	3166720	----a-w-	c:\windows\system32\win32k.sys
2014-08-21 09:24 . 2014-08-28 15:39	11319192	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{943331C4-72D1-422E-A707-7B0368920679}\mpengine.dll
2014-08-16 14:48 . 2014-08-16 14:48	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-08-16 14:48 . 2014-08-16 14:48	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-08-16 14:48 . 2014-08-16 14:48	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-08-16 14:48 . 2014-08-16 14:48	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-08-16 14:48 . 2014-08-16 14:48	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-08-16 14:48 . 2014-08-16 14:48	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-08-16 14:48 . 2014-08-16 14:48	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-08-16 14:48 . 2014-08-16 14:48	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-08-16 14:48 . 2014-08-16 14:48	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-08-16 14:48 . 2014-08-16 14:48	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-08-16 14:48 . 2014-08-16 14:48	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-08-16 14:48 . 2014-08-16 14:48	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-08-16 14:48 . 2014-08-16 14:48	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-08-16 14:48 . 2014-08-16 14:48	413696	----a-w-	c:\windows\system32\html.iec
2014-08-16 14:48 . 2014-08-16 14:48	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-08-16 14:48 . 2014-08-16 14:48	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-08-16 14:48 . 2014-08-16 14:48	247808	----a-w-	c:\windows\system32\msls31.dll
2014-08-16 14:48 . 2014-08-16 14:48	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-08-16 14:48 . 2014-08-16 14:48	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-08-16 14:48 . 2014-08-16 14:48	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-08-16 14:48 . 2014-08-16 14:48	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-08-16 14:48 . 2014-08-16 14:48	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-08-16 14:48 . 2014-08-16 14:48	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-08-16 14:48 . 2014-08-16 14:48	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-08-16 14:48 . 2014-08-16 14:48	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-08-16 14:48 . 2014-08-16 14:48	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-08-16 14:48 . 2014-08-16 14:48	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-08-16 14:48 . 2014-08-16 14:48	81408	----a-w-	c:\windows\system32\icardie.dll
2014-08-16 14:48 . 2014-08-16 14:48	774144	----a-w-	c:\windows\system32\jscript.dll
2014-08-16 14:48 . 2014-08-16 14:48	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-08-16 14:48 . 2014-08-16 14:48	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-08-16 14:48 . 2014-08-16 14:48	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-08-16 14:48 . 2014-08-16 14:48	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-08-16 14:48 . 2014-08-16 14:48	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-08-16 14:48 . 2014-08-16 14:48	235520	----a-w-	c:\windows\system32\url.dll
2014-08-16 14:48 . 2014-08-16 14:48	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-08-16 14:48 . 2014-08-16 14:48	147968	----a-w-	c:\windows\system32\occache.dll
2014-08-16 14:48 . 2014-08-16 14:48	143872	----a-w-	c:\windows\system32\wextract.exe
2014-08-16 14:48 . 2014-08-16 14:48	13824	----a-w-	c:\windows\system32\mshta.exe
2014-08-16 14:48 . 2014-08-16 14:48	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-08-16 14:48 . 2014-08-16 14:48	101376	----a-w-	c:\windows\system32\inseng.dll
2014-08-16 14:47 . 2014-08-16 14:47	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-08-16 14:47 . 2014-08-16 14:47	729088	----a-w-	c:\windows\system32\kerberos.dll
2014-08-16 14:47 . 2014-08-16 14:47	551424	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-08-16 14:47 . 2014-08-16 14:47	463872	----a-w-	c:\windows\system32\certcli.dll
2014-08-16 14:47 . 2014-08-16 14:47	342528	----a-w-	c:\windows\SysWow64\certcli.dll
2014-08-16 14:47 . 2014-08-16 14:47	341504	----a-w-	c:\windows\system32\schannel.dll
2014-08-16 14:47 . 2014-08-16 14:47	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2014-08-16 14:47 . 2014-08-16 14:47	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-08-16 14:47 . 2014-08-16 14:47	1461760	----a-w-	c:\windows\system32\lsasrv.dll
2014-08-16 14:46 . 2014-08-16 14:46	338432	----a-w-	c:\windows\system32\conhost.exe
2014-08-16 14:46 . 2014-08-16 14:46	215552	----a-w-	c:\windows\system32\winsrv.dll
2014-08-16 14:46 . 2014-08-16 14:46	1165312	----a-w-	c:\windows\system32\kernel32.dll
2014-08-16 14:46 . 2014-08-16 14:46	87552	----a-w-	c:\windows\SysWow64\davclnt.dll
2014-08-16 14:46 . 2014-08-16 14:46	265216	----a-w-	c:\windows\system32\WebClnt.dll
2014-08-16 14:46 . 2014-08-16 14:46	210432	----a-w-	c:\windows\SysWow64\WebClnt.dll
2014-08-16 14:46 . 2014-08-16 14:46	109056	----a-w-	c:\windows\system32\davclnt.dll
2014-08-16 14:45 . 2014-08-16 14:45	347648	----a-w-	c:\windows\system32\WSManMigrationPlugin.dll
2014-08-16 14:45 . 2014-08-16 14:45	311296	----a-w-	c:\windows\system32\WsmWmiPl.dll
2014-08-16 14:45 . 2014-08-16 14:45	267264	----a-w-	c:\windows\system32\WSManHTTPConfig.exe
2014-08-16 14:45 . 2014-08-16 14:45	249344	----a-w-	c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-08-16 14:45 . 2014-08-16 14:45	214528	----a-w-	c:\windows\SysWow64\WsmWmiPl.dll
2014-08-16 14:45 . 2014-08-16 14:45	2024448	----a-w-	c:\windows\system32\WsmSvc.dll
2014-08-16 14:45 . 2014-08-16 14:45	199168	----a-w-	c:\windows\SysWow64\WSManHTTPConfig.exe
2014-08-16 14:45 . 2014-08-16 14:45	182272	----a-w-	c:\windows\system32\WsmAuto.dll
2014-08-16 14:45 . 2014-08-16 14:45	146944	----a-w-	c:\windows\SysWow64\WsmAuto.dll
2014-08-16 14:45 . 2014-08-16 14:45	1179648	----a-w-	c:\windows\SysWow64\WsmSvc.dll
2014-08-16 14:45 . 2014-08-16 14:45	1065984	----a-w-	c:\windows\system32\cryptui.dll
2014-08-16 14:45 . 2014-08-16 14:45	1003520	----a-w-	c:\windows\SysWow64\cryptui.dll
2014-08-16 14:45 . 2014-08-16 14:45	499200	----a-w-	c:\windows\system32\cscui.dll
2014-08-16 14:44 . 2014-08-16 14:44	1339904	----a-w-	c:\windows\system32\diagperf.dll
2014-08-16 14:44 . 2014-08-16 14:44	142272	----a-w-	c:\windows\system32\drivers\msdsm.sys
2014-08-16 14:43 . 2014-08-16 14:43	29696	----a-w-	c:\windows\system32\linkinfo.dll
2014-08-16 14:43 . 2014-08-16 14:43	22016	----a-w-	c:\windows\SysWow64\linkinfo.dll
2014-08-16 14:42 . 2014-08-16 14:42	966656	----a-w-	c:\windows\system32\localspl.dll
2014-08-16 14:42 . 2014-08-16 14:42	223744	----a-w-	c:\windows\system32\ncsi.dll
2014-08-16 14:42 . 2014-08-16 14:42	162304	----a-w-	c:\windows\SysWow64\ncsi.dll
2014-08-16 14:42 . 2014-08-16 14:42	345088	----a-w-	c:\windows\system32\rasmans.dll
2014-08-16 14:41 . 2014-08-16 14:41	38912	----a-w-	c:\windows\system32\uxsms.dll
2014-08-16 14:41 . 2014-08-16 14:41	128512	----a-w-	c:\windows\system32\dwmredir.dll
2014-08-16 14:41 . 2014-08-16 14:41	120320	----a-w-	c:\windows\system32\dwm.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5510d series (NET)"="c:\program files\HP\HP Photosmart 5510d series\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-06-22 767200]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-07-22 2694040]
"sketchmanager"="c:\program files (x86)\Wacom\Inkling Sketch Manager\SketchManager.exe" [2011-08-01 3659776]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Search Extensions Program Files Data Uninstall"="rd" [X]
.
c:\users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Nora\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys;c:\windows\SySWOW64\drivers\is3srv64.sys [x]
R2 ASRockIOMon;ASRock IO Monitor Service;c:\program files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe;c:\program files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AsrDrv101;AsrDrv101;c:\windows\SysWOW64\Drivers\AsrDrv101.sys;c:\windows\SysWOW64\Drivers\AsrDrv101.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys;c:\windows\SySWOW64\DRIVERS\szkg64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-01 10:48	1096520	----a-w-	c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-10-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-28 15:16]
.
2014-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-01 10:48]
.
2014-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-01 10:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-07-16 09:06	672416	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-07-16 09:06	672416	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-07-16 09:06	672416	----a-w-	c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 21:08	164760	----a-w-	c:\users\Nora\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-07-26 13636824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:Tabs
mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
mStart Page = hxxp://istart.webssearches.com/?type=hp&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1412257327&from=exp&uid=SamsungXSSDX840XEVOX250GB_S1DBNSBF642087A&q={searchTerms}
uInternet Settings,ProxyOverride = <-loopback>
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ASRock A-Tuning - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk - c:\users\Nora\AppData\Roaming\TornTV.com\Torntv Downloader.exe /c=startup
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-161463653-1242974973-1445233186-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1A00FD6D-D8D8-5C86-294A-A7D78C6B8CF2}*]
"oaphfeaafjohaccdgonijgbgjcdmjc"=hex:6a,61,67,67,66,70,66,69,6c,61,6c,62,64,6a,
   6a,6e,65,6e,68,63,00,00
"nabhppopoecbkcdkfamaopifghkp"=hex:6a,61,67,67,66,70,66,69,6c,61,6c,62,64,6a,
   6a,6e,65,6e,68,63,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-10-08  14:46:49
ComboFix-quarantined-files.txt  2014-10-08 12:46
.
Vor Suchlauf: 13 Verzeichnis(se), 175.370.555.392 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 176.030.789.632 Bytes frei
.
- - End Of File - - 0E85613B1EBFCC302A4FDB7D1B46D8BD
A36C5E4F47E84449FF07ED3517B43A31
__________________
Alt 09.10.2014, 10:44   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar - Standard

Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar
4d36e972-e325-11ce-bfc1-08002be10318, adware, association, bonjour, branding, browser, cpu, defender, failed, fehlercode 0x0, fehlercode 0x80070057, fehlercode windows, flash player, google, iexplore.exe, install.exe, prozess, realtek, registry, required, rojaner gefunden, scan, security, services.exe, svchost.exe, system, teredo, this device cannot start. (code10), trojaner, usb, windows


« Steam und LoL funktioniert nicht:( | PC Langsam Hab ich einen Virus ? »


Ähnliche Themen: Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar


  1. Win 8: Mein Laptop arbeitet nicht mehr richtig (Virus?)
    Log-Analyse und Auswertung - 24.10.2015 (7)
  2. RAM zählt hoch bis computer auslastet und nicht mehr arbeitet.
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (33)
  3. [Debian] Unter Jessie (noch testing) einige DVD's nicht abspielbar.
    Alles rund um Mac OSX & Linux - 15.05.2015 (22)
  4. notebook arbeitet ewig ist sehr langsam und reagiert zeitweise gar nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 20.02.2015 (14)
  5. Malwarebytes Scan ungewöhnlich schnell, McAfee funktioniert nicht
    Log-Analyse und Auswertung - 19.08.2014 (8)
  6. Win 8. Youtube Videos nicht abspielbar (seiten ladefehler auf allen browsern)
    Netzwerk und Hardware - 30.07.2014 (8)
  7. Laptop arbeitet dauernd | Firefox leitet auf Malware Seite um | Dienste nicht mehr reaktivierbar
    Plagegeister aller Art und deren Bekämpfung - 27.07.2014 (14)
  8. AVG funktioniert nicht mehr, Flash arbeitet unzuverlässig
    Plagegeister aller Art und deren Bekämpfung - 13.08.2012 (23)
  9. PC arbeitet nicht mehr ordnungsgemäß-Fehlermeldungen server.exe, metinmetinmetin.exe bei PC Start
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (36)
  10. Internet verlangsamen, damit Youtubevideos nicht mehr so schnell in mein pc reingepowert werden?
    Alles rund um Windows - 21.08.2011 (9)
  11. Grafikkartentreiber arbeitet nicht mehr ordnungsgemäß, ausgelagerte Poolspeicher voll ausgelastet
    Netzwerk und Hardware - 22.07.2011 (13)
  12. Facebook-Virus trotz Scan nicht entfernt
    Diskussionsforum - 12.01.2011 (1)
  13. USB-Stick arbeitet nicht mehr ordentlich
    Netzwerk und Hardware - 03.07.2009 (4)
  14. Google arbeitet nicht mehr und ständig werden einfach Seiten geöffnet
    Log-Analyse und Auswertung - 01.12.2008 (1)
  15. Mein Computer arbeitet im Hintergrund mein internet ist auch nicht gerade schnell
    Log-Analyse und Auswertung - 21.03.2008 (0)
  16. PC schnell überlastet; Task-Manager nicht mehr zu öffnen
    Mülltonne - 08.11.2007 (0)
  17. DriveCleaner auf dem rechner und exe und zip dateien sind nicht nenutzbar
    Plagegeister aller Art und deren Bekämpfung - 20.10.2007 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar - Hallo, ich habe folgendes Problem: (Ich bin übrigens ein ganz schöner Leihe was windows und vieren angeht, da ich bis vor kurzem mac-user war) Ich war letze Woche nach einer - Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar...
Archiv
Du betrachtest: Vierenverdacht, trotz scan: Rechner arbeitet nicht mehr so schnell und solide wie zuvor, Youtubevideos sind nicht abspielbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55