Log analysis and evaluation: Windows 7: Computer lags very badly
Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.11.2014, 19:30 | #1 |
Windows 7: Computer lags very badly

Hello everyone, my notebook isn't really working properly anymore, or rather it has been extremely slow for about 2 weeks. It can take several seconds to carry out an action (switching tabs can take up to 10 seconds). Writing text is a horror with it, because sometimes the sentence has already been typed before it becomes visible. After a restart it works again, but after a short time the lag is back. I'm afraid I have caught something. At first I suspected that the hard disk had been damaged, but a check of the hard disk found nothing. A few months ago I caught IStartSurf; I thought I had removed it. In any case, the logs were clean afterwards. I ran a MEMtest and found no errors. Now shutting down doesn't work properly anymore either. It takes up to 15 minutes! I could also post the error message after the restart if wanted. I have a small business and also use the computer for it, and I have no one else who could help me.

Best regards,
globegirl

defogger: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:32 on 27/11/2014 (Kxxxx)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01 Ran by Kxxxx at 2014-11-27 13:35:22 Running from C:\Users\Kxxxx\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1} AS: ESET Smart Security 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 10-Sekunden-Haushaltsbuch 5 5.14 (HKLM-x32\...\10-Sekunden-Haushaltsbuch 5) (Version: 5.14 - easy softway) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - ) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative 
Technology Ltd) Amazon Kindle (HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Amazon Kindle) (Version: - Amazon) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.1217.1709 - ) Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) AVAFX (remove only) (HKLM-x32\...\AVAFX) (Version: - ) BayWotch Update v4.2.24 (HKLM-x32\...\baywotch4_is1) (Version: - Elmar Denkmann) BMWi Updater (HKLM-x32\...\BMWi Updater) (Version: 1.0 - A2C Software AG, Aachen) BMWi Updater (x32 Version: 1.0 - A2C Software AG, Aachen) Hidden BMWi-Businessplaner Fuehren (HKLM-x32\...\BMWiBusinessplanerFuehren) (Version: 1.0 - UNKNOWN) BMWi-Businessplaner Fuehren (x32 Version: 1.0 - UNKNOWN) Hidden BMWi-Businessplaner Gruenden (HKLM-x32\...\BMWiBusinessplanerGruenden) (Version: 1.0 - UNKNOWN) BMWi-Businessplaner Gruenden (x32 Version: 1.0 - UNKNOWN) Hidden BMWi-Softwarepaket 10 (HKLM-x32\...\BMWi-Softwarepaket 10) (Version: 10.0 - A2C Software AG) BMWi-Softwarepaket 10 (x32 Version: 10.0 - A2C Software AG, Aachen) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
calibre (HKLM-x32\...\{69402281-8050-417B-93D8-9C2DB46C9DDC}) (Version: 2.1.0 - Kovid Goyal) Camera Window DS (x32 Version: 5.1 - Canon) Hidden Canon Camera WIA Driver (x32 Version: 5.6 - Canon) Hidden Canon Camera Window DS for ZoomBrowser EX (HKLM-x32\...\InstallShield_{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}) (Version: 5.1 - Canon) Canon EOS Kiss_N REBEL_XT 350D WIA-Treiber (HKLM-x32\...\InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon) CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.) Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.) Canon PhotoRecord (HKLM-x32\...\{862983D7-FA08-493E-A9ED-6B7859E069D3}) (Version: 02.02.01000 - Cisra) Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}) (Version: 2.0 - Canon) Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}) (Version: 1.1 - Canon) Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.4.0.7 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.1.0.11 - Canon Inc.) 
Canon Utilities Digital Photo Professional 1.6.1 (HKLM-x32\...\InstallShield_{789CF5F1-3326-4B7B-9D01-31047E0F5651}) (Version: 1.6.1 - Canon) Canon Utilities Digital Photo Professional 1.6.1 (x32 Version: 1.6.1 - Canon) Hidden Canon Utilities EOS Capture 1.5 (HKLM-x32\...\InstallShield_{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon) Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.) Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}) (Version: 3.1.14 - Canon) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.) ccc-core-static (x32 Version: 2009.1217.1710.30775 - ATI) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2631 - CDBurnerXP) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: Video Jukebox - concept/design GmbH) Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}) (Version: 16.0.0.707 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 16.0.707 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 16.0.707 - Corel Corporation) Hidden CPUID HWMonitor 1.16 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - ) Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.40 - Dell) Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation) Dell Dock (Version: 2.0 - Stardock Corporation) Hidden Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd) Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.) 
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - ) DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC) Dropbox (HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen) EOS Capture 1.5 (x32 Version: 1.5 - Canon) Hidden ESET Smart Security (HKLM\...\{1B39AC27-CF06-4D20-A3B6-5F1BD41A81E8}) (Version: 5.2.9.12 - ESET, spol. s r.o.) Express Burn CD DVD Blu-Ray Brenner (HKLM-x32\...\ExpressBurn) (Version: - NCH Software) f4 2012 (HKLM-x32\...\f42012) (Version: - audiotranskription.de) ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - ) Free Alarm Clock 2.7.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group) Free Audio Converter version 5.0.22.128 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.22.128 - DVDVideoSoft Ltd.) Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) 
Garmin Communicator Plugin (HKLM-x32\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Google Chrome (HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GrabIt 1.7.2 Beta 6 (build 1008) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation) HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) jHaushalt (HKLM-x32\...\jHaushalt) (Version: 2.6 - ) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden K-Lite Mega Codec Pack 8.7.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.7.0 - ) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Live! 
Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) 
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MPlayer für Windows (Full Package) (HKLM-x32\...\{DB9E4EAB-2717-499F-8D56-4CC8A644AB60}) (Version: - LoRd MuldeR) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Numedia CD-DVD writing as non-admin user (HKLM-x32\...\{94056AE8-EF0F-45E4-A1B4-D754115F8A28}) (Version: 1.0.0 - H&M System Software GmbH) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - ) Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA) Oracle VM VirtualBox 4.0.0 (HKLM\...\{76B91A94-33F6-4E92-88DF-3325427F4F47}) (Version: 4.0.0 - Oracle Corporation) OTR Homeloader 1.5.8.141 (HKLM-x32\...\OTR Homeloader) (Version: 1.5.8.141 - © onlinetvrecorder.com) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting 
Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) phase-6 2.3.2a (HKLM-x32\...\phase-6) (Version: 2.3.2a - phase-6) PhotoStitch (x32 Version: 3.1.14 - Canon) Hidden PixiePack Codec Pack (HKLM-x32\...\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}) (Version: 0.10.6.0 - None) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.3.2 - Dell Inc.) Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software) Radiotracker (HKLM-x32\...\{25CB97F0-10F7-4986-99A4-8BDA1C338E8E}) (Version: 4.1.10048.2910 - RapidSolution Software AG) RAW Image Task 2.0 (x32 Version: 2.0 - Canon) Hidden RemoteCapture Task 1.1 (x32 Version: 1.1 - Canon) Hidden Seagate Drive Settings Installer (HKLM-x32\...\InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908}) (Version: 1.00.0000 - Seagate Technologies LLC) Seagate Drive Settings Installer (x32 Version: 1.00.0000 - Seagate Technologies LLC) Hidden SeaMonkey (2.0.14) (HKLM-x32\...\SeaMonkey (2.0.14)) (Version: 2.0.14 (de) - Mozilla) Skins (x32 Version: 2009.1217.1710.30775 - ATI) Hidden SmartSound Quicktracks for Premiere Elements 9.0 (HKLM-x32\...\InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}) (Version: 3.12.3090 - SmartSound Software Inc) SmartSound Quicktracks for Premiere Elements 9.0 (x32 Version: 3.12.3090 - SmartSound Software Inc) Hidden SMPlayer 0.8.3 (HKLM-x32\...\SMPlayer) (Version: 0.8.3 - Ricardo Villalba) Spotify (HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.3.0 - Synaptics Incorporated) Taxpool-Buchhalter Mini 7.10 (HKLM-x32\...\Taxpool-Buchhalter Mini) (Version: 7.10 - psynetic® Software) teXXas (HKLM-x32\...\{F3DCD04C-BE9C-408C-BC8C-B77AF972DBC2}) (Version: 1 - metaspinner net GmbH) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 
2006-2011, Tom Thielicke IT Solutions) Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) TypingMaster Pro (HKLM-x32\...\{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1) (Version: 7.10 - TypingMaster Inc) Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel) UN.CO.VER. 2.0 (HKLM-x32\...\{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1) (Version: - Sario Marketing GmbH, Inc.) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Unity Web Player (HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.601 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 
2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - ) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-722145159-1481973383-1805952118-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 30-10-2014 18:37:48 Installed iTunes 08-11-2014 23:59:05 Geplanter Prüfpunkt 18-11-2014 20:39:10 Geplanter Prüfpunkt 25-11-2014 20:23:47 Windows Update 27-11-2014 08:17:32 Installed Java 7 Update 71 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {047777C0-A19B-4A29-992D-C71924778FE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) 
Task: {0F6B179B-5402-4A98-A82B-125F54296DE8} - System32\Tasks\DFGR7ZN1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)
Task: {1410D6B9-FAF3-4D4F-9C58-4ECDFDE899FA} - System32\Tasks\{360A28C1-1496-45A4-94D3-BD5C965A9BB3} => D:\NightRacer.exe
Task: {2999CA57-032A-498D-9836-B710BA3440D2} - System32\Tasks\TotalSystemCare.Scanning => C:\Program Files\TotalSystemCare\TotalSystemCare.exe [2014-09-18] ()
Task: {4955E804-73FD-48A5-A216-251C0F159D57} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {5914C204-930A-4077-8ACD-8D616EB727EF} - System32\Tasks\{D2978A0E-26D8-4FE1-B773-E466FA177D9C} => D:\NightRacer.exe
Task: {6C322365-6ED8-4E19-89D1-012A587750D1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001Core => C:\Users\Kxxxx\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {7DF0582E-EC64-4A3E-B2ED-44BAA7345A91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {9C877DDF-272C-456F-82FB-35D671DAD19F} - System32\Tasks\Scheduled scanning task => C:\PROGRA~2\F-Secure\apps\COMPUT~1\ANTI-V~1\fsav.exe
Task: {A93956D1-8FF1-49FA-A144-3153B22D2A2C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {B1623BCF-DB14-41B0-A3E0-F41662AE7703} - System32\Tasks\NCH Swift Sound\expressburnShakeIcon => C:\Program Files (x86)\NCH Swift Sound\ExpressBurn\ExpressBurn.exe [2010-12-05] (NCH Software)
Task: {BD7474F9-2BF5-4B54-BA38-0856BEB4885C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001UA => C:\Users\Kxxxx\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {F6BBB768-BF6A-4D0B-B058-1E52526A3D21} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001Core.job => C:\Users\Kxxxx\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001UA.job => C:\Users\Kxxxx\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\F-Secure\apps\COMPUT~1\ANTI-V~1\fsav.exe

==================== Loaded Modules (whitelisted) =============

2010-10-11 06:31 - 2009-07-17 02:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2010-10-11 06:31 - 2009-07-17 02:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2010-12-16 21:48 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-10-20 14:44 - 2010-07-02 12:52 - 00530448 _____ () C:\Program Files\Core Temp\Core Temp.exe
2007-01-25 03:52 - 2007-01-25 03:52 - 00065536 _____ () C:\Program Files (x86)\Common Files\NMSAccessU.exe
2010-12-25 22:09 - 2013-06-03 12:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2010-10-11 06:36 - 2010-05-21 18:00 - 00783680 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-05-05 18:56 - 2009-05-05 18:56 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-10-11 06:34 - 2010-10-11 06:34 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 00116032 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 00128320 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 01123648 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2010-10-11 06:36 - 2010-05-21 17:59 - 00079168 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 00234816 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 00075072 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 00111936 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2010-10-11 06:36 - 2010-05-21 17:58 - 00121152 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-722145159-1481973383-1805952118-500 - Administrator - Disabled)
Gast (S-1-5-21-722145159-1481973383-1805952118-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-722145159-1481973383-1805952118-1002 - Limited - Enabled)
Kxxxx (S-1-5-21-722145159-1481973383-1805952118-1001 - Administrator - Enabled) => C:\Users\Kxxxx

==================== Faulty Device Manager Devices =============

Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2014 10:31:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/27/2014 10:31:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/27/2014 10:31:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/27/2014 09:20:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (11/27/2014 09:20:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/27/2014 09:20:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (11/25/2014 10:10:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (11/25/2014 10:10:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (11/25/2014 10:10:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/25/2014 09:46:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

System errors:
=============
Error: (11/27/2014 01:30:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/27/2014 01:30:16 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0x0000000000000000, 0xfffff80000b9c510)C:\Windows\MEMORY.DMP112714-18345-01

Error: (11/27/2014 10:25:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/27/2014 09:14:27 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/27/2014 09:14:27 AM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/27/2014 09:14:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/25/2014 09:40:20 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/25/2014 09:40:20 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: D@01010004

Error: (11/25/2014 09:40:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (11/01/2014 11:25:14 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sicherheitscenter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2010-10-17 00:36:37.787
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-17 00:36:37.773
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-17 00:36:37.497
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-17 00:36:37.489
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-15 23:13:05.975
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-15 23:13:05.960
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-15 23:13:05.756
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-15 23:13:05.748
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-15 23:12:50.042
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2010-10-15 23:12:50.025
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 20%
Total physical RAM: 8052.54 MB
Available physical RAM: 6429.77 MB
Total Pagefile: 16103.27 MB
Available Pagefile: 14300.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:186.48 GB) NTFS
Drive e: () (Removable) (Total:0.95 GB) (Free:0.04 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 15D567BC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 968.8 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Kxxxx (administrator) on EVOLUTION on 27-11-2014 13:32:43
Running from C:\Users\Kxxxx\Desktop
Loaded Profile: Kxxxx (Available profiles: Kxxxx)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
() C:\Program Files\Core Temp\Core Temp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Common Files\NMSAccessU.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
(Spotify Ltd) C:\Users\Kxxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated ) C:\Program Files (x86)\Adobe\Elements 9 Organizer\CAHeadless\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\CAHeadless\Adobe QT32 Server.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1909032 2010-01-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-20] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3168336 2009-11-03] (Dell Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-12-06] (Nullsoft, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MPlayerForWindows_UpdateReminder] => C:\Program Files (x86)\MPlayer für Windows\AutoUpdate.exe [235002 2011-06-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2010-05-21] (Softthinks)
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [teXXas] => C:\Program Files (x86)\teXXas\teXXas.exe [5147136 2008-04-25] ()
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 9 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [533952 2010-09-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kxxxx\AppData\Local\Akamai\netsession_win.exe
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [Device Detection] => C:\Program Files (x86)\Lidl_Fotos\dd.exe
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [Google Update] => C:\Users\Kxxxx\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-16] (Google Inc.)
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [Spotify Web Helper] => C:\Users\Kxxxx\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-12-19] (Spotify Ltd)
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1328976 2012-04-25] (Comfort Software Group)
HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\MountPoints2: {3a61a059-1699-11e2-be08-9d18a159574a} - E:\PMCsetup.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Kxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKU\S-1-5-21-722145159-1481973383-1805952118-1001 -> {12CBBBF1-E337-41EB-8974-874D78B8E9C7} URL = SearchScopes: HKU\S-1-5-21-722145159-1481973383-1805952118-1001 -> {52A7762F-EDE6-40EF-9ACF-830B5DE4A64F} URL = BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) Toolbar: HKU\S-1-5-21-722145159-1481973383-1805952118-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.188.1 FireFox: ======== FF ProfilePath: C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250 FF Homepage: https://www.google.de/?gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-722145159-1481973383-1805952118-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-722145159-1481973383-1805952118-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-722145159-1481973383-1805952118-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kxxxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) 
FF SearchPlugin: C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\searchplugins\google-maps.xml FF Extension: ColorfulTabs - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-11-27] FF Extension: Flashblock - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-09-07] FF Extension: Roomy Bookmarks Toolbar - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\ALone-live@ya.ru.xpi [2014-09-17] FF Extension: Classic Theme Restorer - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-09-07] FF Extension: Cliqz Beta - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\cliqz@cliqz.com.xpi [2014-10-23] FF Extension: NoScript - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-09-07] FF Extension: CoolPreviews - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-09-07] FF Extension: Adblock Plus - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-24] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-24] FF HKLM\...\Thunderbird\Extensions: 
[eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-06-12] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-02-18] FF HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\extensions\cliqz@cliqz.com FF Extension: No Name - {B64D9B05-48E1-4CEB-BF58-E0643994E900} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1410084134&from=tugs&uid=WDCXWD5000BEKT-75KA9T0_WD-WXH1A708046380463 CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1410084134&from=tugs&uid=WDCXWD5000BEKT-75KA9T0_WD-WXH1A708046380463" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\39.0.2171.65\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\39.0.2171.65\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - 
C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\39.0.2171.65\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Users\Kxxxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File CHR Profile: C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-16] CHR Extension: (Google Voice Search 
Hotword (Beta)) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07] CHR Extension: (YouTube) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-16] CHR Extension: (Adblock Plus) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-12-16] CHR Extension: (Google-Suche) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-16] CHR Extension: (Google Wallet) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Google Mail) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET) R2 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC) R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [File not signed] R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-20] (IDT, Inc.) R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) 
[File not signed]
S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R2 cpuz133; C:\Windows\system32\drivers\cpuz133_x64.sys [20968 2010-05-11] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET)
S3 RTCore64; C:\Program Files (x86)\RMClock\RTCore64.sys [7168 2005-05-25] () [File not signed]
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [43792 2010-12-22] (Oracle Corporation)
R3 ALSysIO; \??\C:\Users\Kxxxx\AppData\Local\Temp\ALSysIO64.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-27 13:32 - 2014-11-27 13:34 - 00022998 _____ () C:\Users\Kxxxx\Desktop\FRST.txt 2014-11-27 13:32 - 2014-11-27 13:32 - 00000474 _____ () C:\Users\Kxxxx\Desktop\defogger_disable.log 2014-11-27 13:30 - 2014-11-27 13:30 - 00455600 _____ () C:\Windows\Minidump\112714-18345-01.dmp 2014-11-27 13:16 - 2014-11-27 13:17 - 00007327 _____ () C:\Users\Kxxxx\Desktop\GMER1.txt 2014-11-27 09:53 - 2014-11-27 13:15 - 00202146 _____ () C:\Users\Kxxxx\Desktop\Neues Textdokument.txt 2014-11-27 09:52 - 2014-11-27 13:10 - 00048117 _____ () C:\Users\Kxxxx\Desktop\Addition1.txt 2014-11-27 09:50 - 2014-11-27 13:33 - 00000000 ____D () C:\FRST 2014-11-27 09:50 - 2014-11-27 13:12 - 00050953 _____ () C:\Users\Kxxxx\Desktop\FRST1.txt 2014-11-27 09:49 - 2014-11-27 13:10 - 00000474 _____ () C:\Users\Kxxxx\Desktop\defogger_disable1.log 2014-11-27 09:49 - 2014-11-27 09:49 - 00000000 _____ () C:\Users\Kxxxx\defogger_reenable 2014-11-27 09:46 - 2014-11-27 09:46 - 02117632 _____ (Farbar) C:\Users\Kxxxx\Desktop\FRST64.exe 2014-11-27 09:46 - 2014-11-27 09:46 - 00380416 _____ () C:\Users\Kxxxx\Desktop\Gmer-19357.exe 2014-11-27 09:44 - 2014-11-27 09:44 - 00050477 _____ () C:\Users\Kxxxx\Desktop\Defogger.exe 2014-11-27 09:22 - 2014-11-27 09:22 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\Oracle 2014-11-27 09:21 - 2014-11-27 09:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-11-27 09:20 - 2014-11-27 09:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-11-27 09:20 - 2014-11-27 09:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-11-27 09:20 - 2014-11-27 09:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-27 09:12 - 2014-11-27 09:12 - 00003488 ____N () C:\bootsqm.dat 2014-11-25 21:26 - 2014-11-25 21:26 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-11-24 09:59 - 2014-11-24 09:59 - 00000000 ____D () C:\Program Files 
(x86)\Mozilla Firefox 2014-11-23 16:03 - 2014-11-23 16:03 - 00284687 _____ () C:\Users\Kxxxx\Downloads\image (1) 2014-11-23 16:03 - 2014-11-23 16:03 - 00284687 _____ () C:\Users\Kxxxx\Downloads\image 2014-11-19 06:16 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 06:16 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-19 06:16 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-19 06:16 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-19 06:16 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-19 06:16 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-19 06:16 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-19 06:16 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-12 06:37 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 06:37 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-12 06:37 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 06:37 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 06:37 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 06:37 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 06:37 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 06:37 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 06:37 - 2014-11-06 
04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 06:37 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 06:37 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 06:37 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 06:37 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 06:37 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-12 06:37 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 06:37 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 06:37 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 06:37 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-12 06:37 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-12 06:37 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-12 06:37 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-12 06:37 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 06:37 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 06:37 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-12 06:37 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 06:37 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-12 
06:37 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-12 06:37 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 06:37 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 06:37 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 06:37 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 06:37 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 06:37 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 06:37 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 06:37 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 06:37 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 06:37 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 06:37 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-12 06:37 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 06:37 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 06:37 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 06:37 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 06:37 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-12 06:37 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 06:37 - 
2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 06:37 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 06:37 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-12 06:37 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 06:37 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-12 06:37 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-12 06:37 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 06:37 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 06:37 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 06:37 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 06:37 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 06:37 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 06:37 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 06:37 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-12 06:37 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-12 06:36 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 06:36 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 06:36 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 06:36 - 2014-11-06 04:02 - 
00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 06:36 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 06:36 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 06:36 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 06:36 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 06:36 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-12 06:36 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 06:36 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 06:36 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 06:36 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 06:36 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 06:36 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 06:36 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 06:36 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 06:36 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 06:36 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 06:36 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 06:36 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 06:36 - 2014-09-19 10:42 - 00314880 _____ (Microsoft 
Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 06:36 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 06:36 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 06:36 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 06:36 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 06:36 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 06:36 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 06:36 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 06:36 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 06:36 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 06:36 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-12 06:36 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 06:36 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 06:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-12 06:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 06:36 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 06:36 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-01 15:50 - 2014-11-01 15:50 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\Tobit 2014-10-31 10:16 - 2014-10-31 10:16 - 00001153 _____ () C:\Users\Kxxxx\Desktop\Free M4a to MP3 Converter.lnk 2014-10-31 10:16 
- 2014-10-31 10:16 - 00001148 _____ () C:\Users\Kxxxx\Desktop\My Music Tools.lnk 2014-10-31 10:16 - 2014-10-31 10:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter 2014-10-31 10:16 - 2014-10-31 10:16 - 00000000 ____D () C:\Program Files (x86)\Free M4a to MP3 Converter 2014-10-31 10:13 - 2014-10-31 10:13 - 01125200 _____ () C:\Users\Kxxxx\Downloads\Free M4a to MP3 Converter - CHIP-Installer.exe 2014-10-30 19:40 - 2014-10-30 23:22 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\Apple Computer 2014-10-30 19:40 - 2014-10-30 19:40 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-10-30 19:40 - 2014-10-30 19:40 - 00000000 ____D () C:\Users\Kxxxx\AppData\Local\Apple Computer 2014-10-30 19:40 - 2014-10-30 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-10-30 19:40 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-10-30 19:39 - 2014-10-30 19:40 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2014-10-30 19:39 - 2014-10-30 19:40 - 00000000 ____D () C:\Program Files\iTunes 2014-10-30 19:39 - 2014-10-30 19:40 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-30 19:39 - 2014-10-30 19:39 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-10-30 19:39 - 2014-10-30 19:39 - 00000000 ____D () C:\Program Files\iPod 2014-10-30 19:37 - 2014-10-30 19:39 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-10-30 19:37 - 2014-10-30 19:37 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-10-30 19:37 - 2014-10-30 19:37 - 00000000 ____D () C:\Users\Kxxxx\AppData\Local\Apple 2014-10-30 19:37 - 2014-10-30 19:37 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-10-30 19:36 - 2014-10-30 19:37 - 00000000 ____D () C:\ProgramData\Apple 2014-10-30 19:36 - 2014-10-30 19:36 - 00000000 ____D () C:\Program Files\Bonjour 
2014-10-30 19:36 - 2014-10-30 19:36 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-10-30 19:34 - 2014-10-30 19:35 - 122418480 _____ (Apple Inc.) C:\Users\Kxxxx\Downloads\iTunes64Setup.exe 2014-10-30 19:31 - 2014-10-30 19:32 - 109829936 _____ (Apple Inc.) C:\Users\Kxxxx\Downloads\iTunesSetup.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-27 13:32 - 2011-08-15 21:15 - 00000000 ___RD () C:\Users\Kxxxx\Dropbox 2014-11-27 13:32 - 2011-08-15 21:13 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\Dropbox 2014-11-27 13:31 - 2010-10-14 14:56 - 00000000 ____D () C:\Users\Kxxxx\AppData\Local\SoftThinks 2014-11-27 13:30 - 2011-07-16 19:36 - 972385457 _____ () C:\Windows\MEMORY.DMP 2014-11-27 13:30 - 2011-07-16 19:36 - 00000000 ____D () C:\Windows\Minidump 2014-11-27 13:30 - 2011-06-06 20:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-27 13:30 - 2010-10-10 23:21 - 00334098 _____ () C:\Windows\PFRO.log 2014-11-27 13:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-27 13:30 - 2009-07-14 05:51 - 00239985 _____ () C:\Windows\setupact.log 2014-11-27 13:26 - 2013-04-25 19:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-27 13:19 - 2009-07-14 06:10 - 01276322 _____ () C:\Windows\WindowsUpdate.log 2014-11-27 12:56 - 2011-06-06 20:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-27 12:37 - 2012-12-16 17:44 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001UA.job 2014-11-27 12:36 - 2010-12-05 20:38 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Swift Sound 2014-11-27 11:37 - 2012-12-16 17:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001Core.job 2014-11-27 10:34 - 2009-07-14 05:45 - 00022240 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-27 10:34 - 2009-07-14 05:45 - 00022240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-27 10:31 - 2009-07-14 18:58 - 07972462 _____ () C:\Windows\system32\perfh007.dat 2014-11-27 10:31 - 2009-07-14 18:58 - 02493044 _____ () C:\Windows\system32\perfc007.dat 2014-11-27 10:31 - 2009-07-14 06:13 - 00006536 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-27 10:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Vss 2014-11-27 09:49 - 2010-10-14 14:56 - 00000000 ____D () C:\Users\Kxxxx 2014-11-27 09:32 - 2014-10-03 14:51 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-27 09:31 - 2014-10-03 14:51 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-27 09:31 - 2014-10-03 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-27 09:31 - 2014-10-03 14:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-11-27 09:23 - 2010-10-11 06:30 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-27 09:21 - 2013-11-05 10:12 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-27 09:13 - 2012-04-25 15:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-27 06:01 - 2013-09-30 20:57 - 00000227 _____ () C:\Users\Kxxxx\Desktop\Huhu_Schatzi.txt 2014-11-26 20:37 - 2012-12-16 17:44 - 00002424 _____ () C:\Users\Kxxxx\Desktop\Google Chrome.lnk 2014-11-25 21:39 - 2009-07-14 05:45 - 00521976 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-25 21:36 - 2014-05-11 13:14 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-25 21:35 - 2011-03-06 15:27 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-25 21:31 - 2013-08-15 07:08 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-25 21:27 - 2010-10-31 11:53 - 
103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-25 21:26 - 2013-04-25 19:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-25 21:26 - 2013-04-25 19:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-25 21:26 - 2013-04-25 19:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-25 21:20 - 2010-10-14 20:34 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\BayWotch4 2014-11-22 20:00 - 2012-02-14 21:19 - 00000614 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-11-22 18:54 - 2011-04-03 20:26 - 00000000 ____D () C:\Users\Kxxxx\Documents\Turbo Lister Backup 2014-11-22 13:46 - 2010-10-25 18:23 - 00000000 ____D () C:\Eigene Dateien 2014-11-18 20:09 - 2011-08-15 21:15 - 00001025 _____ () C:\Users\Kxxxx\Desktop\Dropbox.lnk 2014-11-18 20:09 - 2011-08-15 21:14 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-11-16 11:32 - 2012-12-16 17:44 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001UA 2014-11-16 11:32 - 2012-12-16 17:44 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-722145159-1481973383-1805952118-1001Core 2014-11-14 17:24 - 2014-03-25 09:39 - 00000947 _____ () C:\Users\Kxxxx\Desktop\FB.txt 2014-11-12 19:51 - 2011-06-06 20:26 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-12 19:51 - 2011-06-06 20:26 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-01 22:59 - 2010-12-25 15:00 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\Winamp 2014-10-30 16:17 - 2010-10-18 15:19 - 00000000 ____D () C:\Users\Kxxxx\AppData\Roaming\GrabIt Some content of TEMP: ==================== C:\Users\Kxxxx\AppData\Local\Temp\AutoRun.exe C:\Users\Kxxxx\AppData\Local\Temp\AutoRunGUI.dll 
C:\Users\Kxxxx\AppData\Local\Temp\contentDATs.exe C:\Users\Kxxxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvdwvbm.dll C:\Users\Kxxxx\AppData\Local\Temp\easetup.exe C:\Users\Kxxxx\AppData\Local\Temp\edsetup.exe C:\Users\Kxxxx\AppData\Local\Temp\First15.exe C:\Users\Kxxxx\AppData\Local\Temp\FoxySecure_IE_FF_12-02-2014_Version_5_Setup.exe C:\Users\Kxxxx\AppData\Local\Temp\infozip.exe C:\Users\Kxxxx\AppData\Local\Temp\iv_uninstall.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Kxxxx\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Kxxxx\AppData\Local\Temp\ShellLink.dll C:\Users\Kxxxx\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Kxxxx\AppData\Local\Temp\vlc-2.0.5-win32.exe C:\Users\Kxxxx\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\Kxxxx\AppData\Local\Temp\VP6Install.exe C:\Users\Kxxxx\AppData\Local\Temp\VP6VFW.dll C:\Users\Kxxxx\AppData\Local\Temp\wget.exe ==================== Bamital & volsnap Check 
=================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-16 01:33

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-27 13:48:44
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BEKT-75KA9T0 rev.01.01A01 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Kxxxx\AppData\Local\Temp\pgldrpod.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2092] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000076d08791 4 bytes [C2, 04, 00, 00]
.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2092] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000771f1465 2 bytes [1F, 77]
.text C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[2092] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000771f14bb 2 bytes [1F, 77]
.text ... * 2
.text C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe[2352] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 0000000076d08791 5 bytes JMP 000000010067b780
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000771f1465 2 bytes [1F, 77]
.text C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE[2424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000771f14bb 2 bytes [1F, 77]
.text ...
* 2 ---- Registry - GMER 2.1 ---- ---- EOF - GMER 2.1 ---- Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 27.11.2014 Suchlauf-Zeit: 13:49:47 Logdatei: MBAM.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.11.27.04 Rootkit Datenbank: v2014.11.22.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Kxxxx Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 356248 Verstrichene Zeit: 17 Min, 29 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 27/11/2014 um 14:28:40 # Aktualisiert 23/11/2014 von Xplode # Database : 2014-11-23.7 [Local] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Kxxxx - EVOLUTION # Gestartet von : C:\Users\Kxxxx\Desktop\AdwCleaner_4.102.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : 892cc6a3 ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Program Files\TotalSystemCare Ordner Gelöscht : C:\Users\Kxxxx\AppData\Local\CrashRpt Ordner Gelöscht : C:\Users\Kxxxx\AppData\Roaming\Tobit Datei Gelöscht : C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\ALone-live@ya.ru.xpi ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\StormWatch ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17420 -\\ Mozilla Firefox v33.1.1 (x86 de) -\\ Google Chrome v [C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410084134&from=tugs&uid=WDCXWD5000BEKT-75KA9T0_WD-WXH1A708046380463&q={searchTerms} [C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=ds&ts=1410084134&from=tugs&uid=WDCXWD5000BEKT-75KA9T0_WD-WXH1A708046380463&q={searchTerms} ************************* AdwCleaner[R0].txt - [23969 octets] - [03/10/2014 14:51:29] AdwCleaner[R1].txt - [24344 octets] - [03/10/2014 14:58:53] AdwCleaner[R2].txt - [14804 octets] - [03/10/2014 15:26:09] AdwCleaner[R3].txt - [1222 octets] - [03/10/2014 22:51:46] AdwCleaner[R4].txt - [2179 octets] - [27/11/2014 14:21:36] AdwCleaner[S0].txt - [13230 octets] - [03/10/2014 15:29:18] AdwCleaner[S1].txt - [2012 octets] - [27/11/2014 
14:28:40] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2072 octets] ########## |
28.11.2014, 06:52 | #2 |
/// the machine /// TB Trainer | Windows 7: Computer lags very badly Hi,
yes, please post the error message shown after startup.
__________________ |
28.11.2014, 07:29 | #3 |
| Windows 7: Computer lags very badly Hello Schrauber,
here is the message. Surprisingly, the last restart went normally again. I can't make sense of the files listed there. I can't even find WER-62993-0.sysdata.xml. Best regards, globegirl Code:
ATTFilter
Windows wird nach unerwartetem Herunterfahren wieder ausgeführt.
Problemsignatur:
  Problemereignisname: BlueScreen
  Betriebsystemversion: 6.1.7601.2.1.0.768.3
  Gebietsschema-ID: 1031
Zusatzinformationen zum Problem:
  BCCode: 1000009f
  BCP1: 0000000000000004
  BCP2: 0000000000000258
  BCP3: FFFFFA8006C77B50
  BCP4: FFFFF80004440510
  OS Version: 6_1_7601
  Service Pack: 1_0
  Product: 768_1
Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\112714-19234-01.dmp
  C:\Users\Kxxxx\AppData\Local\Temp\WER-62993-0.sysdata.xml
Lesen Sie unsere Datenschutzbestimmungen online:
  hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407
Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
  C:\Windows\system32\de-DE\erofflps.txt |
28.11.2014, 18:35 | #4 |
/// the machine /// TB Trainer | Windows 7: Computer lags very badly Please download BlueScreenView and install it: BlueScreenView - Download - Filepony. Open it and let it analyze the most recent dump (the tool does this automatically). Post the output here.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate, Guides and help, Trojaner-Board Facebook page. No help via PM! |
29.11.2014, 01:05 | #5 |
| Windows 7: Computer lags very badly Hello Schrauber, today I ran Microsoft's troubleshooter, and this was the result after 2 hours. I will post both dumps, the one from last time and this one. The solution result from the problem report reads: Read the privacy statement online Windows Problem: Unexpected shutdown Files that help describe the problem: 112714-18345-01.dmp sysdata.xml WERInternalMetadata.xml View a temporary copy of these files Warning: If a virus or other security risk caused the problem, opening a copy of the files could harm your computer. I hope that was right. Here is the dump C:\Windows\Minidump\112714-19234-01.dmp from last time: Troubleshooter dump Dump_18345: Code:
ATTFilter
==================================================
Dump File : 112714-18345-01.dmp
Crash Time : 27.11.2014 13:29:14
Bug Check String : DRIVER_POWER_STATE_FAILURE
Bug Check Code : 0x0000009f
Parameter 1 : 00000000`00000004
Parameter 2 : 00000000`00000258
Parameter 3 : 00000000`00000000
Parameter 4 : fffff800`00b9c510
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\112714-18345-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 455.600
Dump File Time : 27.11.2014 13:30:16
==================================================
Code:
ATTFilter
==================================================
Dump File : 112714-19234-01.dmp
Crash Time : 27.11.2014 14:39:01
Bug Check String : DRIVER_POWER_STATE_FAILURE
Bug Check Code : 0x1000009f
Parameter 1 : 00000000`00000004
Parameter 2 : 00000000`00000258
Parameter 3 : fffffa80`06c77b50
Parameter 4 : fffff800`04440510
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+78a8a
File Description : NT Kernel & System
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor : x64
Crash Address : ntoskrnl.exe+78a8a
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\112714-19234-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 455.600
Dump File Time : 27.11.2014 14:40:00
==================================================
Best regards, globegirl |
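The two BlueScreenView records from post #5, decoded (an added example, not part of the thread and not from any poster). The Parameter 1 meanings for bug check 0x9F follow Microsoft's bug check reference; masking the leading 0x1 of 0x1000009f as a flag is an assumption based on BlueScreenView reporting the same bug check string for both codes, and all function names are this example's own.

```python
import re

# Field labels of a BlueScreenView text record, as they appear in post #5.
FIELDS = [
    "Dump File Size", "Dump File Time", "Dump File", "Crash Time",
    "Bug Check String", "Bug Check Code",
    "Parameter 1", "Parameter 2", "Parameter 3", "Parameter 4",
    "Caused By Driver", "Caused By Address", "File Description",
    "Product Name", "Company", "File Version", "Processors Count",
    "Processor", "Crash Address", "Stack Address 1", "Stack Address 2",
    "Stack Address 3", "Computer Name", "Full Path",
    "Major Version", "Minor Version",
]
_LABEL = re.compile(r"\b(%s)\s*:\s*" % "|".join(map(re.escape, FIELDS)))

# Parameter 1 of DRIVER_POWER_STATE_FAILURE (0x9F); only the two timeout
# subtypes are listed here.
SUBTYPE_9F = {
    0x3: "a device object has been blocking a power IRP for too long",
    0x4: "power transition timed out waiting to synchronize with the PnP subsystem",
}

# Copied from the records in post #5, trimmed after "File Description".
SAMPLE = r"""
==================================================
Dump File : 112714-18345-01.dmp Crash Time : 27.11.2014 13:29:14
Bug Check String : DRIVER_POWER_STATE_FAILURE Bug Check Code : 0x0000009f
Parameter 1 : 00000000`00000004 Parameter 2 : 00000000`00000258
Parameter 3 : 00000000`00000000 Parameter 4 : fffff800`00b9c510
Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+75bc0
File Description : NT Kernel & System
==================================================
Dump File : 112714-19234-01.dmp Crash Time : 27.11.2014 14:39:01
Bug Check String : DRIVER_POWER_STATE_FAILURE Bug Check Code : 0x1000009f
Parameter 1 : 00000000`00000004 Parameter 2 : 00000000`00000258
Parameter 3 : fffffa80`06c77b50 Parameter 4 : fffff800`04440510
Caused By Driver : ntoskrnl.exe Caused By Address : ntoskrnl.exe+78a8a
File Description : NT Kernel & System
==================================================
"""


def parse_record(text):
    """Split one record into {label: value}; works whether the fields sit
    on separate lines or were run together by a forum's code box."""
    parts = _LABEL.split(text)  # [prefix, label, value, label, value, ...]
    return {parts[i]: parts[i + 1].strip() for i in range(1, len(parts) - 1, 2)}


def triage(record):
    """Decode the bug check code and, for 0x9F, its parameters."""
    code = int(record["Bug Check Code"], 16)
    base = code & 0x0FFFFFFF  # assumption: the top nibble is a flag, not part of the code
    params = [int(record["Parameter %d" % n].replace("`", ""), 16) for n in range(1, 5)]
    result = {"dump": record["Dump File"], "bug_check": base,
              "flagged": code != base, "params": params}
    if base == 0x9F:
        result["subtype"] = SUBTYPE_9F.get(params[0], "subtype not listed in this example")
        if params[0] == 0x4:
            result["timeout_seconds"] = params[1]   # Parameter 2: timeout in seconds
            result["pnp_lock_thread"] = params[2]   # Parameter 3: thread holding the PnP lock
    return result


def analyze(report):
    """Triage every record in a BlueScreenView text report."""
    chunks = re.split(r"={10,}", report)
    return [triage(parse_record(c)) for c in chunks if "Bug Check Code" in c]


if __name__ == "__main__":
    for r in analyze(SAMPLE):
        print(r["dump"], hex(r["bug_check"]), r.get("subtype"), r.get("timeout_seconds"))
```

Both records decode to the same subtype with a 600-second timeout (Parameter 2 = 0x258), so the two crashes are the same kind of stalled power transition rather than two unrelated faults.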
29.11.2014, 19:58 | #6 |
/// the machine /// TB Trainer | Windows 7: Computer lags very badly How to perform a clean boot in Windows. Please do a clean boot. If the problem is gone then, re-enable the services one at a time, always rebooting in between, until you know which service is causing the problems. Then name it here.
30.11.2014, 12:31 | #7 |
| Windows 7: Computer lags very badly Hello Schrauber, the clean boot was done, but the problem is still there. The only service I could not turn off was ESET; it kept switching itself back on. What I notice now, though: it actually only occurs in FF now. In other browsers (Chrome, Opera) there is no sign of it. The strange behaviour when selecting is also part of the symptoms. I can no longer select text properly with the mouse. Usually the last character is missing, and when I click somewhere else the text stays selected until I scroll with the mouse. Best regards, globegirl |
30.11.2014, 17:52 | #8 |
/// the machine /// TB Trainer | Windows 7: Computer lags very badly Is the selection issue also only in the browser? Please try turning off hardware acceleration in FF.
30.11.2014, 18:59 | #9 |
| Windows 7: Computer lags very badly I am not sure whether it is only in the browser, but at the moment yes. I turned off hardware acceleration and now the symptoms have disappeared. Selecting works normally again, and switching tabs happens without delay. Typing text also works normally again. However, the services are all still disabled. Should I start them now? It looks very good so far. Best regards, globegirl |
01.12.2014, 19:17 | #10 |
/// the machine /// TB Trainer | Windows 7: Computer lags very badly Yes, you can start them again.
01.12.2014, 22:26 | #11 |
| Windows 7: Computer lags very badly Hello Schrauber, OK, should I do anything else, or was that it? That would have gone super quickly. Best regards, globegirl |
02.12.2014, 20:38 | #12 |
/// the machine /// TB Trainer | Windows 7: Computer lags very badly How is the computer behaving now after enabling the services? Please post a fresh FRST log, then we will clean up.
03.12.2014, 09:02 | #13 |
| Windows 7: Computer lags very badly It looks very good, no problems at all so far. Best regards, globegirl FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-12-2014 Ran by Kxxxx (administrator) on EVOLUTION on 03-12-2014 08:56:55 Running from C:\Users\Kxxxx\Desktop Loaded Profile: Kxxxx (Available profiles: Kxxxx) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\Common Files\NMSAccessU.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe (SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe () C:\Program Files\Core Temp\Core Temp.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Dell Inc.) 
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE () C:\Program Files (x86)\teXXas\teXXas.exe (Dropbox, Inc.) C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\chrome.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [4081008 2012-03-07] (ESET) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2010-12-06] (Nullsoft, Inc.) 
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe [165184 2010-05-21] (Softthinks) HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [teXXas] => C:\Program Files (x86)\teXXas\teXXas.exe [5147136 2008-04-25] () HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [Device Detection] => C:\Program Files (x86)\Lidl_Fotos\dd.exe HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Kxxxx\AppData\Local\Akamai\netsession_win.exe HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\MountPoints2: {3a61a059-1699-11e2-be08-9d18a159574a} - E:\PMCsetup.exe Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Kxxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Kxxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM -> {52A7762F-EDE6-40EF-9ACF-830B5DE4A64F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKLM-x32 -> {12CBBBF1-E337-41EB-8974-874D78B8E9C7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-722145159-1481973383-1805952118-1001 -> {12CBBBF1-E337-41EB-8974-874D78B8E9C7} URL = SearchScopes: HKU\S-1-5-21-722145159-1481973383-1805952118-1001 -> {52A7762F-EDE6-40EF-9ACF-830B5DE4A64F} URL = BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) Toolbar: HKU\S-1-5-21-722145159-1481973383-1805952118-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.188.1 FireFox: ======== FF ProfilePath: C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250 FF Homepage: https://www.google.de/?gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-722145159-1481973383-1805952118-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-722145159-1481973383-1805952118-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kxxxx\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-722145159-1481973383-1805952118-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kxxxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) 
FF SearchPlugin: C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\searchplugins\google-maps.xml FF Extension: ColorfulTabs - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-11-27] FF Extension: Flashblock - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-09-07] FF Extension: Roomy Bookmarks Toolbar - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\ALone-live@ya.ru.xpi [2014-11-28] FF Extension: Classic Theme Restorer - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-09-07] FF Extension: Cliqz Beta - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\cliqz@cliqz.com.xpi [2014-10-23] FF Extension: NoScript - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-09-07] FF Extension: CoolPreviews - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-09-07] FF Extension: Adblock Plus - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-07] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-11-24] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-11-24] FF HKLM\...\Thunderbird\Extensions: 
[eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-06-12] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-02-18] FF HKU\S-1-5-21-722145159-1481973383-1805952118-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Kxxxx\AppData\Roaming\Mozilla\Firefox\Profiles\3lhy8xmp.default-1410095863250\extensions\cliqz@cliqz.com FF Extension: No Name - {B64D9B05-48E1-4CEB-BF58-E0643994E900} [Not Found] Chrome: ======= CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hp&ts=1410084134&from=tugs&uid=WDCXWD5000BEKT-75KA9T0_WD-WXH1A708046380463 CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1410084134&from=tugs&uid=WDCXWD5000BEKT-75KA9T0_WD-WXH1A708046380463" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - 
C:\Users\Kxxxx\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.) CHR Plugin: (NPCIG.dll) - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Unity Player) - C:\Users\Kxxxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File CHR Profile: C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-16] CHR Extension: (Google Voice Search 
Hotword (Beta)) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07] CHR Extension: (YouTube) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-16] CHR Extension: (Adblock Plus) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-12-16] CHR Extension: (Google-Suche) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-16] CHR Extension: (Google Wallet) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Google Mail) - C:\Users\Kxxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [913144 2012-03-07] (ESET) S4 FreeAgentGoFlex Service; C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [91432 2011-02-10] (Seagate Technology LLC) R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [File not signed] S4 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] () R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-20] (IDT, Inc.) R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) 
[File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) R2 cpuz133; C:\Windows\system32\drivers\cpuz133_x64.sys [20968 2010-05-11] (Windows (R) Win 7 DDK provider) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [187632 2012-03-14] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [38288 2012-03-14] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62496 2012-03-14] (ESET) S3 RTCore64; C:\Program Files (x86)\RMClock\RTCore64.sys [7168 2005-05-25] () [File not signed] R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] () S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [43792 2010-12-22] (Oracle Corporation) R3 ALSysIO; \??\C:\Users\Kxxxx\AppData\Local\Temp\ALSysIO64.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
Some content of TEMP:
====================
C:\Users\Kxxxx\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplnwz4m.dll
C:\Users\Kxxxx\AppData\Local\Temp\First15.exe
C:\Users\Kxxxx\AppData\Local\Temp\Quarantine.exe
C:\Users\Kxxxx\AppData\Local\Temp\sqlite3.dll
C:\Users\Kxxxx\AppData\Local\Temp\VP6Install.exe
C:\Users\Kxxxx\AppData\Local\Temp\VP6VFW.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-27 23:27

==================== End Of Log ============================
04.12.2014, 09:04 | #14 |
/// the machine /// TB trainer | Windows 7: Computer lags very badly
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done
The order is crucial here.
If you would like to leave praise or criticism, you can do so here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page
No help via PM!
04.12.2014, 10:05 | #15 |
Windows 7: Computer lags very badly
Hello Schrauber, oops, I was too quick there. I had already run Delfix and the Fixlog.txt is gone. But I was able to read that the key was removed successfully. Quick question: what kind of key was that? I don't normally use IE. Otherwise everything is done. Many thanks, Schrauber. Regards, globegirl