Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Win 8.1 : Internet plötzlich sehr langsam

Win 8.1 : Internet plötzlich sehr langsam


Log-Analyse und Auswertung: Win 8.1 : Internet plötzlich sehr langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 07.01.2015, 01:00   #1
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Hallo Trojaner-Board Team,

seit ca. einem Monat verlangsamt sich mein Internetanschluss nach ca. 5-10 min Benutzung ohne ersichtlichen Grund.
Ich habe schon einige Versuche unternommen, dass Problem zu beheben, alle ohne den gewünschten Erfolg.

Hier kurz ein paar Infos:
Windows 8.1 64-bit
AMD Prozessor
4,0 Ram

Zu dem Maßnahmen:
Router Aktualisiert inkl. Reset
Regelmäßige Virenscans mit Malwarebytes; beim letzten wurden >200 Bedrohungen gefunden
Reinigung mit dem CCleaner


Leider alles ohne Erfolg.

Scans mit den empfohlenen Programmen durchgeführt. Mit der Ausnahme des GMER, denn der stürzt ab.

Im Anhang die Log-Dateien


Besten Dank

Alt 07.01.2015, 06:42   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 07.01.2015, 15:13   #3
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.01.2015
Suchlauf-Zeit: 00:17:34
Logdatei: MBAM1.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.06.13
Rootkit Datenbank: v2015.01.06.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: oneinc

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365488
Verstrichene Zeit: 11 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3902786967-1432057805-4090323964-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [77be3fb5ec9d013583969f0beb1829d7], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3902786967-1432057805-4090323964-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [38fd8074a2e7ef478ca6fec2e024c739], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3902786967-1432057805-4090323964-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1N1M, In Quarantäne, [38fd8074a2e7ef478ca6fec2e024c739]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 9
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\index-dir, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\databases, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\GPUCache, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Local Storage, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.InetStat.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat, In Quarantäne, [1f1616de98f1ec4ae866db0ef3111ae6], 

Dateien: 193
PUP.Optional.Blasteroids.A, C:\ProgramData\Updater\trz3084.tmp, In Quarantäne, [c96c8c687910e650a76ade7e4ab6f907], 
PUP.Optional.Blasteroids.A, C:\ProgramData\Websteroids\trz27B9.tmp, In Quarantäne, [9c997f7522675cda2ce5d48805fbf30d], 
PUP.Optional.FriedCookie, C:\Users\oneinc\Downloads\flvplayer (1).exe, In Quarantäne, [4bea7b795b2e2c0aafee0574c73e4fb1], 
PUP.Optional.InetStat.A, C:\Users\oneinc\AppData\Roaming\InetStat\inetstat.exe, In Quarantäne, [ba7b9c585237d85eb07a77f8b64d659b], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\QuotaManager-journal, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\cookies, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\cookies-journal, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\QuotaManager, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\website.ico, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\01bdbd043a8d87d9_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\0375389fb56ec42e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\05ff7aa027ded9b9_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\06103210ae5eb92b_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\06c864e3404958fc_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\08695d02c973f074_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\08bec7baf02dd388_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\08f1657b2ae54b9d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\0ac0c4b5c265cb26_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\0ae2ffbcc2649c9c_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\0e6996de6946ff33_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1041015f9233625e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\10ba1a6dd717f76d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\11f316f4ebe761a6_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\4918f475d810c370_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\4941e2a1f7a92f58_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\49cbd5ccd89aa924_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\4b62fe917181ed62_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\4daf3cbc2c7e199f_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\4fc1d6c2f5c967dd_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\527d5988fc949ed5_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\52dca8aaa3fab927_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\59f8199c46c0ac72_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\5b46d9fa4491e3ad_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\5e9b31b2ec8de803_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\5ff63e69bbe8fa3c_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\60b548093b7f1c4d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\92b8168192793911_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\92e31fe1b919cd66_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\94615c9a6099d7d2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\94f523273133ad1a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\95ddd53adf512dbc_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\97dd353c55aff7f8_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9873f2673c3d8526_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\99e1ee03e42758be_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9a48c20a6c6970e8_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9ae29e3aa2842aa4_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9b2d4542638c8d16_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9b82ccf4af53b6a8_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9c7627e2abfdccd9_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\9d0941604d7de9c1_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\a37cd7ad0d334d3f_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\a386189956ab7bb9_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\d3c58d3a88f5618a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\d8e08324697a0a01_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\d9a56f39095d6987_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\d9ba3aa2fec10a15_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\db3c6466f084ebf4_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\de3ec9ddc2b44a14_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e0ea107913adae0a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e10b4b56acb982cc_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e357d97b554be873_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e35ea7dc1c7e19ac_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e685b2ebc644ef56_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e8e2ce151826761e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\22a42871dcb1101a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\22a44a690f6df9f2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\25aba580c575808f_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\26030386f7cfbeb3_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\26e4ff9ecddd5dc1_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\28b0dc98176c4830_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\28bb6cb770207239_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\293ed240bc1264c5_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\2a744e2a8ddc5215_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\2ae4c6c7a9b3ec27_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\2d5e1e7a317b7939_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\76dddbb58cb7031b_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\77e08b9b8b9a3168_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\78bc8d60282388d2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\7bf30a28dfa9893d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\7c000d76bf1f0157_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\7cc07ed3c66ea2df_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\7fd48320d2231601_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\831810521d2feea0_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\84c76699722246d1_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\67b8233399ef3c0a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\766cda478ea8e24e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\86285c0e2a5ab7a8_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\a67a7318862561a7_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\bc0b4ce6dc40703c_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\d2a5bc0f440b0ef0_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\e96840897e658496_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\a682a844981d4e40_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\a90f0297d5bfc8b2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\aa888114a9fbdc9e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\aaeefa4ab6eecc50_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\b1ef2869e5362bf1_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\b25c58db0fee2b25_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\b289f232b5094c1c_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\b4b5593bb31743aa_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\b54a51c687d0f8e1_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\b844770e44333abb_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\ea34829245485817_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\eb6c84d93c82f411_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\ebfd932e35eb1606_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\ecfb11388b7aa485_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\eda7d6423171cfd5_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\ee368c55bdf4deb0_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\f61a114aa29835e2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\f70f260ff6906f39_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\f7658fc23d9ca3db_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\f7a72a7b132e4405_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\f7f0827d429d48d5_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\f95fabb631e0d55a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\fa63363d3ca087b7_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\fafbda6816d7b162_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\fca5d6c51c1310d9_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\ff24b1f8028ca0bc_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\index, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\124dd836a0efe489_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1374982dcefea341_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\13a3fb9d2902fb82_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\147e0822752aba6d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\15cc7a904e9646be_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\18969091bcd95b7c_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1b884a3326d47e6b_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1dabfe2d28a6a19d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1daf84db93d6dfe6_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1dafb2ed7113577d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\1dea29c318e295dd_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\20d08ebe23d790a4_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\220e18fc98923f6e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\2ed7a48cdf691d09_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\305fcbb0ccbceb0d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\315a39b606bc4359_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\322d928bcd27737a_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\327e2f346370c855_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\34c65f273f242ede_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\38628010c0fdbeaf_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\3b7e35eb8b037bd2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\3bea56726573f216_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\3e4997c05b1b4686_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\42c87a85d5b6958d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\43cb8db4d827ac00_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\47cff2ba15008159_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\69d51fb93cfef550_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\6a46777b47d8863e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\6b09da8b7388d231_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\6e38abbb47ff7603_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\6e8dd0d489f1b4f2_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\6e8e626374125728_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\7114f262fb3efe7b_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\724344affef6866f_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\72f3040e9aa19285_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\737a4047bf5ed587_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\bcf9d625242d30a8_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c288e4b85077669f_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c3dda71f7388ef35_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c4c151d41cf155d6_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c69520283aa67006_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c89f38f36e14b01c_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c8de9fbf41e4daa0_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c97e1c023a3691fd_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\c97e49b414e0159e_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\ce6fbf4de7522baf_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\cf5385267dd3f851_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\873cb7e9b42342e4_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\8a2a3008b4a3fa53_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\8a2abd4eed83e9d6_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\8a89305e64fa0dc3_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\8b8a6730694eb1cb_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\8d8113aecd1a864d_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\8fcb6e646af79aca_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\90c15028014da3f8_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\913b355dd33000c0_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Cache\index-dir\the-real-index, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\databases\Databases.db, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\databases\Databases.db-journal, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\GPUCache\data_0, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\GPUCache\data_1, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\GPUCache\data_2, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\GPUCache\data_3, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\GPUCache\index, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\000005.bak, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\000005.ldb, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\000006.log, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\CURRENT, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\LOCK, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\LOG, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\LOG.old, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000004, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Local Storage\file__0.localstorage, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.Gameo.A, C:\Users\oneinc\AppData\Local\Gameo\Local Storage\file__0.localstorage-journal, In Quarantäne, [c96c34c0f59466d0b200875454b0b947], 
PUP.Optional.InetStat.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat\InetStat.lnk, In Quarantäne, [1f1616de98f1ec4ae866db0ef3111ae6], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-01-2015
Ran by oneinc (administrator) on ONEINC on 07-01-2015 00:31:59
Running from C:\Users\oneinc\Desktop
Loaded Profile: oneinc (Available profiles: oneinc)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\ws.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-24] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\d73d5d61-3def-4c0a-9af3-06ac494ab4eb.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify Web Helper] => C:\Users\oneinc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify] => C:\Users\oneinc\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Amazon Music] => C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\MountPoints2: {22840827-3105-11e3-be75-6cf049113d8f} - "H:\LaunchU3.exe" 
AppInit_DLLs: C:\Users\oneinc\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\oneinc\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\Users\oneinc\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\oneinc\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UDPixel.lnk
ShortcutTarget: UDPixel.lnk -> C:\Program Files (x86)\UDPixel\UDPixel.exe (hxxp://sam100.free.fr/UDPixel)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58222;https=127.0.0.1:58222
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\oneinc\AppData\Roaming\Mozilla\Firefox\Profiles\x3uzdn52.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3902786967-1432057805-4090323964-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\oneinc\AppData\Roaming\Mozilla\Firefox\Profiles\x3uzdn52.default\user.js
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-07]

Chrome: 
=======
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Web) - internal-remoting-viewer
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Web) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (Web) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Web) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Profile: C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web) - C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-02]
CHR Extension: (Web) - C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-24] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-08-01] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [38984 2013-11-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [84328 2013-11-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-31] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1032416 2013-11-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-31] ()
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
U0 rylpfl; C:\Windows\System32\drivers\lklh.sys [79064 2015-01-07] (Malwarebytes Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\oneinc\AppData\Local\Temp\ALSysIO64.sys [X]
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 00:31 - 2015-01-07 00:32 - 00018718 _____ () C:\Users\oneinc\Desktop\FRST.txt
2015-01-07 00:31 - 2015-01-07 00:32 - 00000000 ____D () C:\FRST
2015-01-07 00:31 - 2015-01-07 00:31 - 00000474 _____ () C:\Users\oneinc\Desktop\defogger_disable.log
2015-01-07 00:31 - 2015-01-07 00:31 - 00000000 _____ () C:\Users\oneinc\defogger_reenable
2015-01-07 00:29 - 2015-01-07 00:29 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\lklh.sys
2015-01-07 00:27 - 2015-01-07 00:28 - 00380416 _____ () C:\Users\oneinc\Desktop\Gmer-19357.exe
2015-01-07 00:27 - 2015-01-07 00:27 - 02123776 _____ (Farbar) C:\Users\oneinc\Desktop\FRST64.exe
2015-01-07 00:27 - 2015-01-07 00:27 - 00050477 _____ () C:\Users\oneinc\Desktop\Defogger.exe
2015-01-07 00:26 - 2015-01-07 00:30 - 00000000 ____D () C:\Users\oneinc\Desktop\Neuer Ordner
2015-01-07 00:00 - 2015-01-07 00:01 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 00:00 - 2015-01-07 00:00 - 04188536 _____ (Piriform Ltd) C:\Users\oneinc\Downloads\ccsetup501_slim.exe
2014-12-28 15:50 - 2014-12-28 15:50 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-16 00:09 - 2014-12-16 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-13 19:57 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 19:57 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 15:45 - 2014-12-11 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-10 18:39 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 18:39 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 18:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 18:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 18:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 18:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 18:23 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 18:23 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 18:23 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 18:23 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 18:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 18:23 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 18:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 18:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 18:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 18:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 18:23 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 18:23 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 18:23 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 00:32 - 2014-03-17 15:34 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-07 00:31 - 2013-10-17 15:19 - 00000000 ____D () C:\Users\oneinc
2015-01-07 00:29 - 2014-09-06 21:49 - 00000000 ____D () C:\Users\oneinc\AppData\Roaming\InetStat
2015-01-07 00:29 - 2013-11-25 18:20 - 00000000 ____D () C:\ProgramData\Websteroids
2015-01-07 00:29 - 2013-11-25 18:20 - 00000000 ____D () C:\ProgramData\Updater
2015-01-07 00:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources
2015-01-07 00:27 - 2013-09-11 13:58 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-07 00:21 - 2013-09-11 13:37 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3902786967-1432057805-4090323964-1001
2015-01-07 00:17 - 2014-07-25 17:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 00:15 - 2014-07-25 17:24 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2013-11-08 18:11 - 01047040 ___SH () C:\Users\oneinc\Desktop\Thumbs.db
2015-01-07 00:03 - 2014-03-14 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-07 00:03 - 2013-10-28 17:43 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-07 00:03 - 2013-10-17 16:15 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-07 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-06 23:49 - 2013-09-11 13:58 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 21:49 - 2013-09-11 13:58 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-04 16:51 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-04 16:51 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-04 16:51 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-28 15:50 - 2014-04-10 19:43 - 00000000 ___DO () C:\Users\oneinc\SkyDrive
2014-12-28 15:48 - 2014-05-26 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-28 15:48 - 2013-10-17 15:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-28 15:48 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-21 05:28 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 17:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-15 16:13 - 2013-09-22 17:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-15 16:11 - 2013-09-22 17:02 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 20:33 - 2014-11-15 21:35 - 00001239 _____ () C:\Users\oneinc\Desktop\Amazon Music.lnk
2014-12-13 19:49 - 2013-08-22 14:25 - 06291456 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-11 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 18:33 - 2013-10-09 18:21 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 18:32 - 2014-03-17 15:34 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-08 14:28 - 2014-12-07 21:09 - 00000000 ____D () C:\Users\oneinc\AppData\Roaming\PDF Architect 2

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-05 06:21

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by oneinc at 2015-01-07 00:32:45
Running from C:\Users\oneinc\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2008 - Avast Software)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J125 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
CrystalDiskInfo 6.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.4 - Crystal Dew World)
doPDF (Version: 8.0.915 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{a54197ad-113d-41df-8f35-ad06151b4d42}) (Version: 8.0.915 - Softland)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.57 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
novaPDF 8 Printer Driver (HKLM\...\{5ED19569-C344-4C55-983F-AAF03CE33723}) (Version: 8.0.915 - Softland)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 24.0.1558.53 (HKLM-x32\...\Opera 24.0.1558.53) (Version: 24.0.1558.53 - Opera Software ASA)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
SiSoftware Sandra Lite 2013.SP6 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.66.2013.10 - SiSoftware)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UDPixel.exe (HKLM-x32\...\UDPixel) (Version:  - )
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.49 - Creative Island Media, LLC) <==== ATTENTION
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YTD Video Downloader 4.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.6 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

21-12-2014 05:27:34 Windows Update
28-12-2014 16:23:18 Geplanter Prüfpunkt
05-01-2015 06:26:45 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08942C67-BF2F-418C-851B-BE76F92AF519} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {0E0ACF44-62CB-42C6-8DE0-6E98BCD88872} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {166258AC-3C52-435A-AEB7-9E830961700F} - \ASP No Task File <==== ATTENTION
Task: {2913F5B8-B072-421C-8AD5-B6C724946864} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {59131116-35C9-48F3-972A-8BA4AD3A1FD3} - System32\Tasks\Opera scheduled Autoupdate 1378903396 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-27] (Opera Software)
Task: {5E3DC786-A497-4F2A-A94E-2A03ACF75315} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-24] (AVAST Software)
Task: {7C621DFE-39EC-472F-81D0-A7FE7747B477} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-15] (Microsoft Corporation)
Task: {90BDF400-075E-4027-8C7A-E75C68C28FC2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {95F4449F-E037-4F96-AE69-38D6454C1050} - System32\Tasks\{FA42EE2F-49DC-412A-BD32-E73B1512954C} => pcalua.exe -a C:\ProgramData\Websteroids\uninstall.exe -c /kb=y /ic=2
Task: {9DDAAE45-9B2E-4A0C-94FE-DE3938DD4358} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-08-01] ()
Task: {DEC7DBEB-1329-4427-8F1F-942459475EFA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 15:16 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-11 19:25 - 2014-08-11 19:25 - 00130933 ____N () C:\WINDOWS\TEMP\fe783e8b-f0bc-4703-9683-464fedcba743\AgileDotNetRT64.dll
2014-08-11 19:25 - 2014-08-11 19:25 - 00130933 ____N () C:\WINDOWS\TEMP\ea61bc6a-15ba-440c-8065-d70e53d325ff\AgileDotNetRT64.dll
2014-11-15 21:34 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 01372280 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
2013-12-22 13:21 - 2013-12-22 09:44 - 02153472 _____ () C:\Program Files\AVAST Software\Avast\defs\13122200\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-10-26 19:35 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-10-31 19:06 - 2013-10-31 19:06 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-03 14:18 - 2014-08-27 10:15 - 00155768 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\message_center_win8.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 01378936 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\libglesv2.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 00182392 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\libegl.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 00974968 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\oneinc\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\oneinc\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\StartupFolder: => "UDPixel.lnk"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\Run: => "Amazon Music"

========================= Accounts: ==========================

Administrator (S-1-5-21-3902786967-1432057805-4090323964-500 - Administrator - Disabled)
Gast (S-1-5-21-3902786967-1432057805-4090323964-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3902786967-1432057805-4090323964-1019 - Limited - Enabled)
oneinc (S-1-5-21-3902786967-1432057805-4090323964-1001 - Administrator - Enabled) => C:\Users\oneinc

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2015 05:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x17dc
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (01/06/2015 01:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x1d08
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (01/04/2015 04:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x16c8
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (01/04/2015 02:20:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x17f4
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/21/2014 05:27:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/17/2014 05:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x1080
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/16/2014 10:45:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x5f4
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/16/2014 06:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x12b8
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/15/2014 05:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c48

Startzeit: 01d018868df157df

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: dade54a8-847a-11e4-befe-6cf049113d8f

Vollständiger Name des fehlerhaften Pakets: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (12/15/2014 05:47:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.16384, Zeitstempel: 0x5215f00d
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x1764
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2
Berichtskennung: rundll32.exe_winethc.dll3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5


System errors:
=============
Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:30 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:25 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:25 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:03 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:48:54 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:48:45 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.


Microsoft Office Sessions:
=========================
Error: (01/06/2015 05:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da917dc01d029c0efa021c3C:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dlld91c2ed4-95c0-11e4-beff-6cf049113d8f

Error: (01/06/2015 01:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da91d0801d0283e264898beC:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dll54b7945c-95a0-11e4-beff-6cf049113d8f

Error: (01/04/2015 04:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da916c801d0282abfe30473C:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dll2502e372-9429-11e4-beff-6cf049113d8f

Error: (01/04/2015 02:20:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da917f401d022b6a6cb9ff3C:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dll6246e5a0-9414-11e4-beff-6cf049113d8f

Error: (12/21/2014 05:27:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (12/17/2014 05:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da9108001d019799fe41a92C:\WINDOWS\System32\LogonUI.exeC:\WINDOWS\System32\nvwgf2umx.dll3ef63f09-860a-11e4-befe-6cf049113d8f

Error: (12/16/2014 10:45:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da95f401d019799fbb92f4C:\WINDOWS\System32\LogonUI.exeC:\WINDOWS\System32\nvwgf2umx.dlle413a6df-856c-11e4-befe-6cf049113d8f

Error: (12/16/2014 06:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da912b801d018c09d0942ecC:\WINDOWS\System32\LogonUI.exeC:\WINDOWS\System32\nvwgf2umx.dll8050c90d-854c-11e4-befe-6cf049113d8f

Error: (12/15/2014 05:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.16384c4801d018868df157df4294967295C:\WINDOWS\system32\backgroundTaskHost.exedade54a8-847a-11e4-befe-6cf049113d8fFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp

Error: (12/15/2014 05:47:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.163845215f00dUSER32.dll6.3.9600.1727853eebd22c000014200000000000ec0b4176401d01886e27fbe34C:\WINDOWS\System32\rundll32.exeUSER32.dll20329a2c-847a-11e4-befe-6cf049113d8f


CodeIntegrity Errors:
===================================
  Date: 2014-10-16 22:31:28.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-16 22:31:28.213
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-16 22:31:27.386
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-16 22:31:27.281
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 240 Processor
Percentage of memory in use: 41%
Total physical RAM: 4094.55 MB
Available physical RAM: 2408.87 MB
Total Pagefile: 5356.56 MB
Available Pagefile: 2750.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:45.8 GB) NTFS
Drive d: () (Fixed) (Total:186.3 GB) (Free:128.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D8E0BAD5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 186.3 GB) (Disk ID: 309D309D)
Partition 1: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
__________________
Alt 07.01.2015, 15:14   #4
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-01-2015
Ran by oneinc at 2015-01-07 00:32:45
Running from C:\Users\oneinc\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2008 - Avast Software)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-J125 (HKLM-x32\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
CrystalDiskInfo 6.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.4 - Crystal Dew World)
doPDF (Version: 8.0.915 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{a54197ad-113d-41df-8f35-ad06151b4d42}) (Version: 8.0.915 - Softland)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.57 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
meinHausplaner (HKLM-x32\...\meinHausplaner) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
novaPDF 8 Printer Driver (HKLM\...\{5ED19569-C344-4C55-983F-AAF03CE33723}) (Version: 8.0.915 - Softland)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 24.0.1558.53 (HKLM-x32\...\Opera 24.0.1558.53) (Version: 24.0.1558.53 - Opera Software ASA)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
SiSoftware Sandra Lite 2013.SP6 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.66.2013.10 - SiSoftware)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UDPixel.exe (HKLM-x32\...\UDPixel) (Version:  - )
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.49 - Creative Island Media, LLC) <==== ATTENTION
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YTD Video Downloader 4.6 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.6 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

21-12-2014 05:27:34 Windows Update
28-12-2014 16:23:18 Geplanter Prüfpunkt
05-01-2015 06:26:45 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08942C67-BF2F-418C-851B-BE76F92AF519} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {0E0ACF44-62CB-42C6-8DE0-6E98BCD88872} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-11] (Google Inc.)
Task: {166258AC-3C52-435A-AEB7-9E830961700F} - \ASP No Task File <==== ATTENTION
Task: {2913F5B8-B072-421C-8AD5-B6C724946864} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {59131116-35C9-48F3-972A-8BA4AD3A1FD3} - System32\Tasks\Opera scheduled Autoupdate 1378903396 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-27] (Opera Software)
Task: {5E3DC786-A497-4F2A-A94E-2A03ACF75315} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-24] (AVAST Software)
Task: {7C621DFE-39EC-472F-81D0-A7FE7747B477} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-15] (Microsoft Corporation)
Task: {90BDF400-075E-4027-8C7A-E75C68C28FC2} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {95F4449F-E037-4F96-AE69-38D6454C1050} - System32\Tasks\{FA42EE2F-49DC-412A-BD32-E73B1512954C} => pcalua.exe -a C:\ProgramData\Websteroids\uninstall.exe -c /kb=y /ic=2
Task: {9DDAAE45-9B2E-4A0C-94FE-DE3938DD4358} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-08-01] ()
Task: {DEC7DBEB-1329-4427-8F1F-942459475EFA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 15:16 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-11 19:25 - 2014-08-11 19:25 - 00130933 ____N () C:\WINDOWS\TEMP\fe783e8b-f0bc-4703-9683-464fedcba743\AgileDotNetRT64.dll
2014-08-11 19:25 - 2014-08-11 19:25 - 00130933 ____N () C:\WINDOWS\TEMP\ea61bc6a-15ba-440c-8065-d70e53d325ff\AgileDotNetRT64.dll
2014-11-15 21:34 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 01372280 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
2013-12-22 13:21 - 2013-12-22 09:44 - 02153472 _____ () C:\Program Files\AVAST Software\Avast\defs\13122200\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-10-26 19:35 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-10-31 19:06 - 2013-10-31 19:06 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-03 14:18 - 2014-08-27 10:15 - 00155768 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\message_center_win8.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 01378936 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\libglesv2.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 00182392 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\libegl.dll
2014-09-03 14:18 - 2014-09-03 14:17 - 00974968 _____ () C:\Program Files (x86)\Opera\24.0.1558.53\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\oneinc\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\oneinc\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\StartupFolder: => "UDPixel.lnk"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\StartupApproved\Run: => "Amazon Music"

========================= Accounts: ==========================

Administrator (S-1-5-21-3902786967-1432057805-4090323964-500 - Administrator - Disabled)
Gast (S-1-5-21-3902786967-1432057805-4090323964-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3902786967-1432057805-4090323964-1019 - Limited - Enabled)
oneinc (S-1-5-21-3902786967-1432057805-4090323964-1001 - Administrator - Enabled) => C:\Users\oneinc

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2015 05:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x17dc
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (01/06/2015 01:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x1d08
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (01/04/2015 04:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x16c8
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (01/04/2015 02:20:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x17f4
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/21/2014 05:27:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/17/2014 05:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x1080
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/16/2014 10:45:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x5f4
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/16/2014 06:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215f6c5
Name des fehlerhaften Moduls: nvwgf2umx.dll, Version: 9.18.13.3788, Zeitstempel: 0x537a8ee2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000398da9
ID des fehlerhaften Prozesses: 0x12b8
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (12/15/2014 05:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c48

Startzeit: 01d018868df157df

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe

Berichts-ID: dade54a8-847a-11e4-befe-6cf049113d8f

Vollständiger Name des fehlerhaften Pakets: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (12/15/2014 05:47:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.16384, Zeitstempel: 0x5215f00d
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x1764
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2
Berichtskennung: rundll32.exe_winethc.dll3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5


System errors:
=============
Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/05/2015 06:22:54 AM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:30 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:25 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:25 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:49:03 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:48:54 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (01/04/2015 04:48:45 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.


Microsoft Office Sessions:
=========================
Error: (01/06/2015 05:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da917dc01d029c0efa021c3C:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dlld91c2ed4-95c0-11e4-beff-6cf049113d8f

Error: (01/06/2015 01:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da91d0801d0283e264898beC:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dll54b7945c-95a0-11e4-beff-6cf049113d8f

Error: (01/04/2015 04:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da916c801d0282abfe30473C:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dll2502e372-9429-11e4-beff-6cf049113d8f

Error: (01/04/2015 02:20:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da917f401d022b6a6cb9ff3C:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\system32\nvwgf2umx.dll6246e5a0-9414-11e4-beff-6cf049113d8f

Error: (12/21/2014 05:27:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (12/17/2014 05:32:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da9108001d019799fe41a92C:\WINDOWS\System32\LogonUI.exeC:\WINDOWS\System32\nvwgf2umx.dll3ef63f09-860a-11e4-befe-6cf049113d8f

Error: (12/16/2014 10:45:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da95f401d019799fbb92f4C:\WINDOWS\System32\LogonUI.exeC:\WINDOWS\System32\nvwgf2umx.dlle413a6df-856c-11e4-befe-6cf049113d8f

Error: (12/16/2014 06:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.163845215f6c5nvwgf2umx.dll9.18.13.3788537a8ee2c00000050000000000398da912b801d018c09d0942ecC:\WINDOWS\System32\LogonUI.exeC:\WINDOWS\System32\nvwgf2umx.dll8050c90d-854c-11e4-befe-6cf049113d8f

Error: (12/15/2014 05:53:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.16384c4801d018868df157df4294967295C:\WINDOWS\system32\backgroundTaskHost.exedade54a8-847a-11e4-befe-6cf049113d8fFacebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nntApp

Error: (12/15/2014 05:47:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.163845215f00dUSER32.dll6.3.9600.1727853eebd22c000014200000000000ec0b4176401d01886e27fbe34C:\WINDOWS\System32\rundll32.exeUSER32.dll20329a2c-847a-11e4-befe-6cf049113d8f


CodeIntegrity Errors:
===================================
  Date: 2014-10-16 22:31:28.695
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-16 22:31:28.213
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-16 22:31:27.386
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-10-16 22:31:27.281
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) II X2 240 Processor
Percentage of memory in use: 41%
Total physical RAM: 4094.55 MB
Available physical RAM: 2408.87 MB
Total Pagefile: 5356.56 MB
Available Pagefile: 2750.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:45.8 GB) NTFS
Drive d: () (Fixed) (Total:186.3 GB) (Free:128.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: D8E0BAD5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 186.3 GB) (Disk ID: 309D309D)
Partition 1: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Alt 07.01.2015, 15:28   #5
schrauber
/// the machine
/// TB-Ausbilder
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Websteroids

    YTD Video Downloader 4.6


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.01.2015, 16:05   #6
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Vielen Dank für die schnelle Hilfe.

Alles, wie beschrieben, durchgeführt.

Ein kleines Problem gab es mit meiner Anti-Virus Software, welche sich nicht deaktivieren wollte.
Aktuell schneit die Anti-Viren Software deaktiviert.

Im Anhang die Logs.

Code:
ATTFilter
# AdwCleaner v4.106 - Bericht erstellt am 07/01/2015 um 15:44:24
# Aktualisiert 21/12/2014 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Windows 8.1 Pro  (64 bits)
# Benutzername : oneinc - ONEINC
# Gestartet von : C:\Users\oneinc\Downloads\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Updater
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\ResultsAlpha
Ordner Gelöscht : C:\Users\oneinc\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\oneinc\AppData\Local\pdfforge
Ordner Gelöscht : C:\Users\oneinc\AppData\Roaming\Gameo
Ordner Gelöscht : C:\Users\oneinc\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\oneinc\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\oneinc\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\oneinc\AppData\Roaming\Opera Software\Opera Stable\Extensions\npnkeeiehehhefofiekoflfedgehcdhl
Datei Gelöscht : C:\Users\oneinc\AppData\Roaming\Mozilla\Firefox\Profiles\x3uzdn52.default\user.js

***** [ Tasks ] *****

Task Gelöscht : ASP

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\gameo
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\oneinc\AppData\Local\Smartbar\Application\Resources\crdlil.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\oneinc\AppData\Local\Smartbar\Application\Resources\crdlil64.dll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 de)


-\\ Google Chrome v31.0.1650.57

[C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjEs92GFe6jqPBYr5R8Pe5-GFzyscpAi0e0UdYNv5TSeSaZELc0IhZBPcrM1WhDPbXLsM8i4k-6Vm-fhKIouF3oBesLnW-P-uMsPs5j250o6ca2MS93XkT9wfnYy3-rs1ka88FnqM_Ub7rI58q1LAL0bfaAV-FJ3R-EEw,,&q={searchTerms}
[C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjEs92GFe6jqPBYr5R8Pe5-GFzyscpAi0e0UdYNv5TSeSaZELc0IhZBPcrM1WhDPbXLsM8i4k-6Vm-fhKIouF3oBesLnW-P-uMsPs5j250o6ca2MS93XkT9wfnYy3-rs1ka88FnqM_Ub7rI58q1LAL0bfaAV-FJ3R-EEw,,&q={searchTerms}
[C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : ddkeieaieohnceanbhdeijclgemgjjkf

-\\ Opera v24.0.1558.53

[C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjEs92GFe6jqPBYr5R8Pe5-GFzyscpAi0e0UdYNv5TSeSaZELc0IhZBPcrM1WhDPbXLsM8i4k-6Vm-fhKIouF3oBesLnW-P-uMsPs5j250o6ca2MS93XkT9wfnYy3-rs1ka88FnqM_Ub7rI58q1LAL0bfaAV-FJ3R-EEw,,&q={searchTerms}
[C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjEs92GFe6jqPBYr5R8Pe5-GFzyscpAi0e0UdYNv5TSeSaZELc0IhZBPcrM1WhDPbXLsM8i4k-6Vm-fhKIouF3oBesLnW-P-uMsPs5j250o6ca2MS93XkT9wfnYy3-rs1ka88FnqM_Ub7rI58q1LAL0bfaAV-FJ3R-EEw,,&q={searchTerms}
[C:\Users\oneinc\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : npnkeeiehehhefofiekoflfedgehcdhl

*************************

AdwCleaner[R0].txt - [1125 octets] - [26/11/2013 18:53:34]
AdwCleaner[R1].txt - [5049 octets] - [07/01/2015 15:43:08]
AdwCleaner[S0].txt - [5601 octets] - [07/01/2015 15:44:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5661 octets] ##########

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 Pro x64
Ran by oneinc on 07.01.2015 at 15:52:50,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update resultsalpha
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util resultsalpha



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.01.2015 at 15:59:37,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by oneinc (administrator) on ONEINC on 07-01-2015 16:04:16
Running from C:\Users\oneinc\Desktop
Loaded Profile: oneinc (Available profiles: oneinc)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-24] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\d73d5d61-3def-4c0a-9af3-06ac494ab4eb.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify Web Helper] => C:\Users\oneinc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify] => C:\Users\oneinc\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Amazon Music] => C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\MountPoints2: {22840827-3105-11e3-be75-6cf049113d8f} - "H:\LaunchU3.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UDPixel.lnk
ShortcutTarget: UDPixel.lnk -> C:\Program Files (x86)\UDPixel\UDPixel.exe (hxxp://sam100.free.fr/UDPixel)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58222;https=127.0.0.1:58222
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\oneinc\AppData\Roaming\Mozilla\Firefox\Profiles\x3uzdn52.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3902786967-1432057805-4090323964-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-07]

Chrome: 
=======
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Web) - internal-remoting-viewer
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Web) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (Web) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Web) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Profile: C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web) - C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-02]
CHR Extension: (Web) - C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-24] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-08-01] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [38984 2013-11-24] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [84328 2013-11-24] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-10-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-31] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1032416 2013-11-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-31] ()
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\oneinc\AppData\Local\Temp\ALSysIO64.sys [X]
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 15:59 - 2015-01-07 15:59 - 00000883 _____ () C:\Users\oneinc\Desktop\JRT.txt
2015-01-07 15:53 - 2015-01-07 15:53 - 00000000 ____D () C:\Users\oneinc\Desktop\FRST-OlderVersion
2015-01-07 15:50 - 2015-01-07 15:50 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-07 15:47 - 2015-01-07 15:47 - 01707939 _____ (Thisisu) C:\Users\oneinc\Downloads\JRT.exe
2015-01-07 15:45 - 2015-01-07 15:45 - 00053024 _____ () C:\WINDOWS\PFRO.log
2015-01-07 15:42 - 2015-01-07 15:42 - 02173952 _____ () C:\Users\oneinc\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:37 - 2015-01-07 15:37 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\oneinc\Downloads\revosetup95.exe
2015-01-07 15:37 - 2015-01-07 15:37 - 00001284 _____ () C:\Users\oneinc\Desktop\Revo Uninstaller.lnk
2015-01-07 15:37 - 2015-01-07 15:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-07 15:07 - 2015-01-07 15:28 - 00053747 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 00:32 - 2015-01-07 00:33 - 00030951 _____ () C:\Users\oneinc\Desktop\Addition.txt
2015-01-07 00:31 - 2015-01-07 16:04 - 00017709 _____ () C:\Users\oneinc\Desktop\FRST.txt
2015-01-07 00:31 - 2015-01-07 16:04 - 00000000 ____D () C:\FRST
2015-01-07 00:31 - 2015-01-07 00:31 - 00000474 _____ () C:\Users\oneinc\Desktop\defogger_disable.log
2015-01-07 00:31 - 2015-01-07 00:31 - 00000000 _____ () C:\Users\oneinc\defogger_reenable
2015-01-07 00:27 - 2015-01-07 15:53 - 02124288 _____ (Farbar) C:\Users\oneinc\Desktop\FRST64.exe
2015-01-07 00:26 - 2015-01-07 00:34 - 00000000 ____D () C:\Users\oneinc\Desktop\Neuer Ordner
2015-01-07 00:00 - 2015-01-07 00:01 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 00:00 - 2015-01-07 00:00 - 04188536 _____ (Piriform Ltd) C:\Users\oneinc\Downloads\ccsetup501_slim.exe
2014-12-28 15:50 - 2014-12-28 15:50 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-16 00:09 - 2014-12-16 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-13 19:57 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 19:57 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 15:45 - 2014-12-11 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-10 18:39 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 18:39 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 18:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 18:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 18:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 18:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 18:23 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 18:23 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 18:23 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 18:23 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 18:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 18:23 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 18:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 18:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 18:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 18:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 18:23 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 18:23 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 18:23 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 16:00 - 2013-09-11 13:37 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3902786967-1432057805-4090323964-1001
2015-01-07 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-07 15:52 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-07 15:52 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-07 15:52 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-07 15:49 - 2013-09-11 13:58 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-07 15:47 - 2013-09-11 13:58 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-07 15:46 - 2014-04-10 19:43 - 00000000 ___DO () C:\Users\oneinc\SkyDrive
2015-01-07 15:46 - 2013-09-11 13:58 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 15:45 - 2013-10-17 15:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-07 15:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources
2015-01-07 15:45 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-07 15:44 - 2014-09-06 21:48 - 00001116 _____ () C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-07 15:44 - 2013-11-26 18:53 - 00000000 ____D () C:\AdwCleaner
2015-01-07 15:44 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-07 15:32 - 2014-03-17 15:34 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-07 01:01 - 2013-10-17 15:19 - 00000000 ____D () C:\Users\oneinc
2015-01-07 00:48 - 2014-07-25 17:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 00:15 - 2014-07-25 17:24 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2013-11-08 18:11 - 01047040 ___SH () C:\Users\oneinc\Desktop\Thumbs.db
2015-01-07 00:03 - 2014-03-14 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-07 00:03 - 2013-10-28 17:43 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-07 00:03 - 2013-10-17 16:15 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-06 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-28 15:48 - 2014-05-26 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-21 05:28 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 17:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-15 16:13 - 2013-09-22 17:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-15 16:11 - 2013-09-22 17:02 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 20:33 - 2014-11-15 21:35 - 00001239 _____ () C:\Users\oneinc\Desktop\Amazon Music.lnk
2014-12-11 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 18:33 - 2013-10-09 18:21 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 18:32 - 2014-03-17 15:34 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-08 14:28 - 2014-12-07 21:09 - 00000000 ____D () C:\Users\oneinc\AppData\Roaming\PDF Architect 2

Some content of TEMP:
====================
C:\Users\oneinc\AppData\Local\Temp\Quarantine.exe
C:\Users\oneinc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-05 06:21

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 07.01.2015, 18:02   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.01.2015, 00:09   #8
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Hier, wie gewünscht, die Log-Files.

Eine Verbesserung ist eingetreten. Der Rechner läuft besser und auch die Internetverbindung ist schneller.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8023e0acc9a57245ae91aa973c5180e8
# engine=21854
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-07 06:18:44
# local_time=2015-01-07 07:18:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 4515 8826 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4595452 36778004 0 0
# scanned=142281
# found=8
# cleaned=0
# scan_time=3585
sh=62EFF687E2B7644CA5521F4604E53A961770F897 ft=1 fh=2512fcff4fb6b5da vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.Bromon.dll.vir"
sh=B1EE123BD92BFCDFA448EA03E497C7938CBD17B3 ft=1 fh=d938b07dbfdb8f55 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.BrowserAdapterS.dll.vir"
sh=4DB6CFD18DB6B39C3F70A8CAA996B317A79E0064 ft=1 fh=a57ee2cb830a8903 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.CompatibilityChecker.dll.vir"
sh=89EB9A595D040833C9F27F5C0FA20C256DED42A1 ft=1 fh=5e6c0328cd81801c vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.FFUpdate.dll.vir"
sh=2B4D533C1004811DA2C386EB1960B4F74A2D4D3D ft=1 fh=31d7a16d9b665056 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.IEUpdate.dll.vir"
sh=54EA3D651A1953AEEFC8BF564995C7ABB9C05CA1 ft=1 fh=0cf9c37a3ec820e1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.PurBrowseG.dll.vir"
sh=A416ACC21756868987F275190BD1033BF74E180C ft=1 fh=d3699c00a2c5c199 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\oneinc\AppData\Local\DownloadGuide\Offers\protegere.exe.vir"
sh=95D1E596ACC1912879100C54027750C1772027C7 ft=1 fh=212faf0536ad9d68 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\oneinc\AppData\Local\DownloadGuide\Offers\ResultsAlphaSetup.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8023e0acc9a57245ae91aa973c5180e8
# engine=21854
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-07 09:37:15
# local_time=2015-01-07 10:37:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 20026 20737 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4610963 36789915 0 0
# scanned=297900
# found=23
# cleaned=0
# scan_time=11859
sh=62EFF687E2B7644CA5521F4604E53A961770F897 ft=1 fh=2512fcff4fb6b5da vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.Bromon.dll.vir"
sh=B1EE123BD92BFCDFA448EA03E497C7938CBD17B3 ft=1 fh=d938b07dbfdb8f55 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.BrowserAdapterS.dll.vir"
sh=4DB6CFD18DB6B39C3F70A8CAA996B317A79E0064 ft=1 fh=a57ee2cb830a8903 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.CompatibilityChecker.dll.vir"
sh=89EB9A595D040833C9F27F5C0FA20C256DED42A1 ft=1 fh=5e6c0328cd81801c vn="Variante von MSIL/BrowseFox.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.FFUpdate.dll.vir"
sh=2B4D533C1004811DA2C386EB1960B4F74A2D4D3D ft=1 fh=31d7a16d9b665056 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.IEUpdate.dll.vir"
sh=54EA3D651A1953AEEFC8BF564995C7ABB9C05CA1 ft=1 fh=0cf9c37a3ec820e1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ResultsAlpha\bin\plugins\ResultsAlpha.PurBrowseG.dll.vir"
sh=A416ACC21756868987F275190BD1033BF74E180C ft=1 fh=d3699c00a2c5c199 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\oneinc\AppData\Local\DownloadGuide\Offers\protegere.exe.vir"
sh=95D1E596ACC1912879100C54027750C1772027C7 ft=1 fh=212faf0536ad9d68 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\oneinc\AppData\Local\DownloadGuide\Offers\ResultsAlphaSetup.exe.vir"
sh=F9B0C0E1F3622DC0CE42E8F931754673E22DD889 ft=0 fh=0000000000000000 vn="Win32/HackTool.Steam.E Trojaner" ac=I fn="C:\Users\oneinc\AppData\Roaming\Opera Software\Opera Stable\File System\002\t\00\00000000"
sh=7261F98CB7020156E6FC48D435A7017D92F8A11F ft=1 fh=1e4266cc11e4a593 vn="Win32/HackTool.Steam.E Trojaner" ac=I fn="C:\Users\oneinc\Desktop\DesTrash\Dayz\Steam2WrapperLauncher.exe"
sh=40D89BFEE833AF9B0AB5B89E0728AF4649A079CF ft=1 fh=8d74864dc83f810b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\Akvis Magnifier - CHIP-Installer.exe"
sh=5597231CC9370CAAE7AAA1F0985947AC19A6BB60 ft=1 fh=05fd6faf6ad53076 vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\mein-hpl-2012-frei-50-Downloader.exe"
sh=7BA0A01D63E1511F6101A736D157C4D1F885EDEB ft=1 fh=1aba12d0f1f8efc7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\PDFCreator-2_0_0-setup.exe"
sh=230900AA41164243B4D871A48A0061E71EC94FB1 ft=1 fh=a5e6dbc321a14611 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\10.11\sisoft-sandra-lite-2013-19-66.exe"
sh=6D6F591B036398FE29624861504017760E34A433 ft=1 fh=7da278ab98611d15 vn="Variante von Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\CheatEngine63.exe"
sh=67CF01432AD5C7E3ACF734812A034B2150C41032 ft=1 fh=1338aa488cdf160b vn="Variante von MSIL/DownloadGuide.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\mein-hpl-2012-frei-50-Downloader.exe"
sh=2535D0C7BEAC16AFED9447DCE8A4A55423B24A7F ft=1 fh=c71c00113d4bbb56 vn="Variante von Win32/Amonetize.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\Unlimited Downloads__3339_i567367728_il426.exe"
sh=EB3640D5075D94063758045029E6BE56977C7D12 ft=1 fh=c8a755df07e1cd60 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\vioplayerv (1).exe"
sh=EB3640D5075D94063758045029E6BE56977C7D12 ft=1 fh=c8a755df07e1cd60 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\vioplayerv (2).exe"
sh=EB3640D5075D94063758045029E6BE56977C7D12 ft=1 fh=c8a755df07e1cd60 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\vioplayerv (3).exe"
sh=EB3640D5075D94063758045029E6BE56977C7D12 ft=1 fh=c8a755df07e1cd60 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\vioplayerv (4).exe"
sh=EB3640D5075D94063758045029E6BE56977C7D12 ft=1 fh=c8a755df07e1cd60 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\vioplayerv (5).exe"
sh=EB3640D5075D94063758045029E6BE56977C7D12 ft=1 fh=c8a755df07e1cd60 vn="Variante von Win32/InstallIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\oneinc\Downloads\22.04.14\vioplayerv.exe"

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by oneinc (administrator) on ONEINC on 08-01-2015 00:05:33
Running from C:\Users\oneinc\Desktop
Loaded Profile: oneinc (Available profiles: oneinc)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast2\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast2\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt\Facebook.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Users\oneinc\Downloads\SecurityCheck (2).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast2\AvastUI.exe [5225064 2015-01-07] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\d73d5d61-3def-4c0a-9af3-06ac494ab4eb.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify Web Helper] => C:\Users\oneinc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify] => C:\Users\oneinc\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Amazon Music] => C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\MountPoints2: {22840827-3105-11e3-be75-6cf049113d8f} - "H:\LaunchU3.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UDPixel.lnk
ShortcutTarget: UDPixel.lnk -> C:\Program Files (x86)\UDPixel\UDPixel.exe (hxxp://sam100.free.fr/UDPixel)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast2\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58222;https=127.0.0.1:58222
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast2\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast2\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast2\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\oneinc\AppData\Roaming\Mozilla\Firefox\Profiles\x3uzdn52.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3902786967-1432057805-4090323964-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast2\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast2\WebRep\FF [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-07]

Chrome: 
=======
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Web) - internal-remoting-viewer
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Web) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Web) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (Web) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Web) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Profile: C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Web) - C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-02]
CHR Extension: (Web) - C:\Users\oneinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast2\WebRep\Chrome\aswWebRepChrome.crx [2015-01-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast2\AvastSvc.exe [50344 2015-01-07] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-08-01] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-07] ()
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\oneinc\AppData\Local\Temp\ALSysIO64.sys [X]
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:03 - 2015-01-08 00:03 - 00852505 _____ () C:\Users\oneinc\Downloads\SecurityCheck (2).exe
2015-01-07 20:01 - 2015-01-07 20:01 - 00060282 _____ () C:\Users\oneinc\Downloads\72B.tmp
2015-01-07 20:01 - 2015-01-07 20:01 - 00060282 _____ () C:\Users\oneinc\Downloads\6859.tmp
2015-01-07 18:26 - 2015-01-07 18:26 - 00852505 _____ () C:\Users\oneinc\Downloads\SecurityCheck.exe
2015-01-07 18:26 - 2015-01-07 18:26 - 00852505 _____ () C:\Users\oneinc\Downloads\SecurityCheck (1).exe
2015-01-07 18:09 - 2015-01-07 18:09 - 02347384 _____ (ESET) C:\Users\oneinc\Downloads\esetsmartinstaller_deu.exe
2015-01-07 18:09 - 2015-01-07 18:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-07 17:57 - 2015-01-07 17:57 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-07 17:57 - 2015-01-07 17:57 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-07 17:52 - 2015-01-07 17:57 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-07 17:52 - 2015-01-07 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-07 17:51 - 2015-01-07 17:57 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-01-07 17:51 - 2015-01-07 17:57 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-07 17:33 - 2015-01-07 17:38 - 131078000 _____ (AVAST Software) C:\Users\oneinc\Downloads\avast_free_antivirus_setup.exe
2015-01-07 16:27 - 2015-01-07 16:27 - 05186048 _____ () C:\Users\oneinc\Downloads\WindowsDefender.msi
2015-01-07 15:59 - 2015-01-07 15:59 - 00000883 _____ () C:\Users\oneinc\Desktop\JRT.txt
2015-01-07 15:53 - 2015-01-07 15:53 - 00000000 ____D () C:\Users\oneinc\Desktop\FRST-OlderVersion
2015-01-07 15:50 - 2015-01-07 15:50 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-07 15:47 - 2015-01-07 15:47 - 01707939 _____ (Thisisu) C:\Users\oneinc\Downloads\JRT.exe
2015-01-07 15:45 - 2015-01-07 18:03 - 00060490 _____ () C:\WINDOWS\PFRO.log
2015-01-07 15:42 - 2015-01-07 15:42 - 02173952 _____ () C:\Users\oneinc\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:37 - 2015-01-07 15:37 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\oneinc\Downloads\revosetup95.exe
2015-01-07 15:37 - 2015-01-07 15:37 - 00001284 _____ () C:\Users\oneinc\Desktop\Revo Uninstaller.lnk
2015-01-07 15:37 - 2015-01-07 15:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-07 15:07 - 2015-01-07 23:27 - 00309936 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 00:32 - 2015-01-07 00:33 - 00030951 _____ () C:\Users\oneinc\Desktop\Addition.txt
2015-01-07 00:31 - 2015-01-08 00:05 - 00018445 _____ () C:\Users\oneinc\Desktop\FRST.txt
2015-01-07 00:31 - 2015-01-08 00:05 - 00000000 ____D () C:\FRST
2015-01-07 00:31 - 2015-01-07 00:31 - 00000474 _____ () C:\Users\oneinc\Desktop\defogger_disable.log
2015-01-07 00:31 - 2015-01-07 00:31 - 00000000 _____ () C:\Users\oneinc\defogger_reenable
2015-01-07 00:27 - 2015-01-07 15:53 - 02124288 _____ (Farbar) C:\Users\oneinc\Desktop\FRST64.exe
2015-01-07 00:26 - 2015-01-07 00:34 - 00000000 ____D () C:\Users\oneinc\Desktop\Neuer Ordner
2015-01-07 00:00 - 2015-01-07 00:01 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 00:00 - 2015-01-07 00:00 - 04188536 _____ (Piriform Ltd) C:\Users\oneinc\Downloads\ccsetup501_slim.exe
2014-12-28 15:50 - 2014-12-28 15:50 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-16 00:09 - 2014-12-16 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-13 19:57 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 19:57 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 15:45 - 2014-12-11 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-10 18:39 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 18:39 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 18:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 18:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 18:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 18:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 18:23 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 18:23 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 18:23 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 18:23 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 18:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 18:23 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 18:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 18:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 18:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 18:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 18:23 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 18:23 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 18:23 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-07 23:59 - 2013-09-11 13:58 - 00004184 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-07 23:49 - 2013-09-11 13:58 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-07 23:32 - 2014-03-17 15:34 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-07 22:37 - 2013-09-11 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3902786967-1432057805-4090323964-1001
2015-01-07 21:49 - 2013-09-11 13:58 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 20:21 - 2014-11-16 18:19 - 00000000 ____D () C:\Users\oneinc\AppData\Local\SimilarImages
2015-01-07 20:01 - 2014-01-31 16:49 - 00499200 ___SH () C:\Users\oneinc\Downloads\Thumbs.db
2015-01-07 18:11 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-07 18:11 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-07 18:11 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-07 18:06 - 2014-04-10 19:43 - 00000000 ___DO () C:\Users\oneinc\SkyDrive
2015-01-07 18:05 - 2013-10-17 15:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-07 18:05 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-07 18:03 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-07 17:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-07 17:57 - 2013-10-31 19:06 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-07 17:51 - 2013-10-31 19:06 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-07 15:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources
2015-01-07 15:44 - 2014-09-06 21:48 - 00001116 _____ () C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-07 15:44 - 2013-11-26 18:53 - 00000000 ____D () C:\AdwCleaner
2015-01-07 01:01 - 2013-10-17 15:19 - 00000000 ____D () C:\Users\oneinc
2015-01-07 00:48 - 2014-07-25 17:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 00:15 - 2014-07-25 17:24 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2013-11-08 18:11 - 01047040 ___SH () C:\Users\oneinc\Desktop\Thumbs.db
2015-01-07 00:03 - 2014-03-14 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-07 00:03 - 2013-10-28 17:43 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-07 00:03 - 2013-10-17 16:15 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-06 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-28 15:48 - 2014-05-26 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-21 05:28 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 17:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-15 16:13 - 2013-09-22 17:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-15 16:11 - 2013-09-22 17:02 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 20:33 - 2014-11-15 21:35 - 00001239 _____ () C:\Users\oneinc\Desktop\Amazon Music.lnk
2014-12-11 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 18:33 - 2013-10-09 18:21 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 18:32 - 2014-03-17 15:34 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-07 22:37

==================== End Of Log ============================
--- --- ---


Code:
ATTFilter
 Results of screen317's Security Check version 0.99.93  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 71  
  Adobe Flash Player 	15.0.0.246 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (34.0.5) 
 Google Chrome 30.0.1599.101  Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast2 AvastSvc.exe  
 AVAST Software Avast2 AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Alt 08.01.2015, 08:02   #9
schrauber
/// the machine
/// TB-Ausbilder
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Flash Player udn Chrome updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\oneinc\AppData\Roaming\Opera Software\Opera Stable\File System\002\t\00\00000000

C:\Users\oneinc\Desktop\DesTrash\Dayz\Steam2WrapperLauncher.exe

C:\Users\oneinc\Downloads\Akvis Magnifier - CHIP-Installer.exe

C:\Users\oneinc\Downloads\mein-hpl-2012-frei-50-Downloader.exe

C:\Users\oneinc\Downloads\PDFCreator-2_0_0-setup.exe

C:\Users\oneinc\Downloads\10.11\sisoft-sandra-lite-2013-19-66.exe

C:\Users\oneinc\Downloads\22.04.14\CheatEngine63.exe

C:\Users\oneinc\Downloads\22.04.14\mein-hpl-2012-frei-50-Downloader.exe

C:\Users\oneinc\Downloads\22.04.14\Unlimited Downloads__3339_i567367728_il426.exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (1).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (2).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (3).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (4).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (5).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58222;https=127.0.0.1:58222
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Frisches FRST Log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.01.2015, 22:20   #10
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Vielen Dank


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by oneinc (administrator) on ONEINC on 08-01-2015 22:18:01
Running from C:\Users\oneinc\Desktop
Loaded Profile: oneinc (Available profiles: oneinc)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast2\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast2\AvastUI.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast2\AvastUI.exe [5225064 2015-01-07] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\d73d5d61-3def-4c0a-9af3-06ac494ab4eb.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify Web Helper] => C:\Users\oneinc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Spotify] => C:\Users\oneinc\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-28] (Spotify Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [Amazon Music] => C:\Users\oneinc\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\...\MountPoints2: {22840827-3105-11e3-be75-6cf049113d8f} - "H:\LaunchU3.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\UDPixel.lnk
ShortcutTarget: UDPixel.lnk -> C:\Program Files (x86)\UDPixel\UDPixel.exe (hxxp://sam100.free.fr/UDPixel)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast2\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast2\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast2\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast2\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\oneinc\AppData\Roaming\Mozilla\Firefox\Profiles\x3uzdn52.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3902786967-1432057805-4090323964-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-10-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast2\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast2\WebRep\FF [2015-01-07]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-07]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast2\WebRep\Chrome\aswWebRepChrome.crx [2015-01-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast2\AvastSvc.exe [50344 2015-01-07] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-08-01] (Microsoft)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-07] ()
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [3744256 2012-11-21] (Qualcomm Atheros Communications, Inc.)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\oneinc\AppData\Local\Temp\ALSysIO64.sys [X]
S1 aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 00:03 - 2015-01-08 00:03 - 00852505 _____ () C:\Users\oneinc\Downloads\SecurityCheck (2).exe
2015-01-07 20:01 - 2015-01-07 20:01 - 00060282 _____ () C:\Users\oneinc\Downloads\72B.tmp
2015-01-07 20:01 - 2015-01-07 20:01 - 00060282 _____ () C:\Users\oneinc\Downloads\6859.tmp
2015-01-07 18:26 - 2015-01-07 18:26 - 00852505 _____ () C:\Users\oneinc\Downloads\SecurityCheck.exe
2015-01-07 18:26 - 2015-01-07 18:26 - 00852505 _____ () C:\Users\oneinc\Downloads\SecurityCheck (1).exe
2015-01-07 18:09 - 2015-01-07 18:09 - 02347384 _____ (ESET) C:\Users\oneinc\Downloads\esetsmartinstaller_deu.exe
2015-01-07 18:09 - 2015-01-07 18:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-07 17:57 - 2015-01-07 17:57 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-01-07 17:57 - 2015-01-07 17:57 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-01-07 17:52 - 2015-01-07 17:57 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-07 17:52 - 2015-01-07 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-07 17:51 - 2015-01-07 17:57 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-01-07 17:51 - 2015-01-07 17:57 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-01-07 17:33 - 2015-01-07 17:38 - 131078000 _____ (AVAST Software) C:\Users\oneinc\Downloads\avast_free_antivirus_setup.exe
2015-01-07 16:27 - 2015-01-07 16:27 - 05186048 _____ () C:\Users\oneinc\Downloads\WindowsDefender.msi
2015-01-07 15:59 - 2015-01-07 15:59 - 00000883 _____ () C:\Users\oneinc\Desktop\JRT.txt
2015-01-07 15:53 - 2015-01-07 15:53 - 00000000 ____D () C:\Users\oneinc\Desktop\FRST-OlderVersion
2015-01-07 15:50 - 2015-01-07 15:50 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-07 15:47 - 2015-01-07 15:47 - 01707939 _____ (Thisisu) C:\Users\oneinc\Downloads\JRT.exe
2015-01-07 15:45 - 2015-01-08 22:16 - 00062088 _____ () C:\WINDOWS\PFRO.log
2015-01-07 15:42 - 2015-01-07 15:42 - 02173952 _____ () C:\Users\oneinc\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:37 - 2015-01-07 15:37 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\oneinc\Downloads\revosetup95.exe
2015-01-07 15:37 - 2015-01-07 15:37 - 00001284 _____ () C:\Users\oneinc\Desktop\Revo Uninstaller.lnk
2015-01-07 15:37 - 2015-01-07 15:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-07 15:07 - 2015-01-08 20:57 - 00484232 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 00:32 - 2015-01-07 00:33 - 00030951 _____ () C:\Users\oneinc\Desktop\Addition.txt
2015-01-07 00:31 - 2015-01-08 22:18 - 00016464 _____ () C:\Users\oneinc\Desktop\FRST.txt
2015-01-07 00:31 - 2015-01-08 22:18 - 00000000 ____D () C:\FRST
2015-01-07 00:31 - 2015-01-07 00:31 - 00000474 _____ () C:\Users\oneinc\Desktop\defogger_disable.log
2015-01-07 00:31 - 2015-01-07 00:31 - 00000000 _____ () C:\Users\oneinc\defogger_reenable
2015-01-07 00:27 - 2015-01-07 15:53 - 02124288 _____ (Farbar) C:\Users\oneinc\Desktop\FRST64.exe
2015-01-07 00:26 - 2015-01-07 00:34 - 00000000 ____D () C:\Users\oneinc\Desktop\Neuer Ordner
2015-01-07 00:00 - 2015-01-07 00:01 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-07 00:00 - 2015-01-07 00:00 - 04188536 _____ (Piriform Ltd) C:\Users\oneinc\Downloads\ccsetup501_slim.exe
2014-12-28 15:50 - 2014-12-28 15:50 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-16 00:09 - 2014-12-16 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-13 19:57 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 19:57 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 15:45 - 2014-12-11 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-10 18:39 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 18:39 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 18:39 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 18:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 18:23 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 18:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 18:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 18:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 18:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 18:23 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 18:23 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 18:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 18:23 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 18:23 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 18:23 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 18:23 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 18:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 18:23 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 18:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 18:23 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 18:23 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 18:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 18:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 18:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 18:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 18:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 18:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 18:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 18:23 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 18:23 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 18:23 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 18:23 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 18:23 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 22:17 - 2014-04-10 19:43 - 00000000 ___DO () C:\Users\oneinc\SkyDrive
2015-01-08 22:17 - 2013-09-11 13:58 - 00004184 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-08 22:16 - 2014-03-17 15:34 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-08 22:16 - 2013-10-17 15:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-08 22:16 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-08 22:16 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-08 22:15 - 2014-04-22 17:29 - 00000000 ____D () C:\Users\oneinc\Downloads\22.04.14
2015-01-08 22:15 - 2013-11-10 15:37 - 00000000 ____D () C:\Users\oneinc\Downloads\10.11
2015-01-08 22:14 - 2014-08-21 19:19 - 00000000 ____D () C:\Users\oneinc\AppData\Local\Adobe
2015-01-08 22:13 - 2014-03-17 15:34 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-08 22:11 - 2013-09-11 13:58 - 00000000 ____D () C:\Users\oneinc\AppData\Local\Google
2015-01-08 22:11 - 2013-09-11 13:58 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-08 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-08 17:21 - 2013-09-11 13:37 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3902786967-1432057805-4090323964-1001
2015-01-08 17:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-07 20:21 - 2014-11-16 18:19 - 00000000 ____D () C:\Users\oneinc\AppData\Local\SimilarImages
2015-01-07 20:01 - 2014-01-31 16:49 - 00499200 ___SH () C:\Users\oneinc\Downloads\Thumbs.db
2015-01-07 18:11 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-07 18:11 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-07 18:11 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-07 17:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-07 17:57 - 2013-10-31 19:06 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-01-07 17:57 - 2013-10-31 19:06 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-01-07 17:51 - 2013-10-31 19:06 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-07 15:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources
2015-01-07 15:44 - 2014-09-06 21:48 - 00001116 _____ () C:\Users\oneinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-07 15:44 - 2013-11-26 18:53 - 00000000 ____D () C:\AdwCleaner
2015-01-07 01:01 - 2013-10-17 15:19 - 00000000 ____D () C:\Users\oneinc
2015-01-07 00:48 - 2014-07-25 17:24 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 00:15 - 2014-07-25 17:24 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2014-07-25 17:24 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-07 00:15 - 2013-11-08 18:11 - 01047040 ___SH () C:\Users\oneinc\Desktop\Thumbs.db
2015-01-07 00:03 - 2014-03-14 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-07 00:03 - 2013-10-28 17:43 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-07 00:03 - 2013-10-17 16:15 - 00000000 ___DC () C:\WINDOWS\Panther
2014-12-28 15:48 - 2014-05-26 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-21 05:28 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 17:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-15 16:13 - 2013-09-22 17:02 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-15 16:11 - 2013-09-22 17:02 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 20:33 - 2014-11-15 21:35 - 00001239 _____ () C:\Users\oneinc\Desktop\Amazon Music.lnk
2014-12-11 16:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 21:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 18:33 - 2013-10-09 18:21 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-07 22:37

==================== End Of Log ============================
--- --- ---



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by oneinc at 2015-01-08 22:15:27 Run:1
Running from C:\Users\oneinc\Desktop
Loaded Profile: oneinc (Available profiles: oneinc)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\oneinc\AppData\Roaming\Opera Software\Opera Stable\File System\002\t\00\00000000

C:\Users\oneinc\Desktop\DesTrash\Dayz\Steam2WrapperLauncher.exe

C:\Users\oneinc\Downloads\Akvis Magnifier - CHIP-Installer.exe

C:\Users\oneinc\Downloads\mein-hpl-2012-frei-50-Downloader.exe

C:\Users\oneinc\Downloads\PDFCreator-2_0_0-setup.exe

C:\Users\oneinc\Downloads\10.11\sisoft-sandra-lite-2013-19-66.exe

C:\Users\oneinc\Downloads\22.04.14\CheatEngine63.exe

C:\Users\oneinc\Downloads\22.04.14\mein-hpl-2012-frei-50-Downloader.exe

C:\Users\oneinc\Downloads\22.04.14\Unlimited Downloads__3339_i567367728_il426.exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (1).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (2).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (3).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (4).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv (5).exe

C:\Users\oneinc\Downloads\22.04.14\vioplayerv.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:58222;https=127.0.0.1:58222
Emptytemp:
*****************

C:\Users\oneinc\AppData\Roaming\Opera Software\Opera Stable\File System\002\t\00\00000000 => Moved successfully.
C:\Users\oneinc\Desktop\DesTrash\Dayz\Steam2WrapperLauncher.exe => Moved successfully.
C:\Users\oneinc\Downloads\Akvis Magnifier - CHIP-Installer.exe => Moved successfully.
C:\Users\oneinc\Downloads\mein-hpl-2012-frei-50-Downloader.exe => Moved successfully.
C:\Users\oneinc\Downloads\PDFCreator-2_0_0-setup.exe => Moved successfully.
C:\Users\oneinc\Downloads\10.11\sisoft-sandra-lite-2013-19-66.exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\CheatEngine63.exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\mein-hpl-2012-frei-50-Downloader.exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\Unlimited Downloads__3339_i567367728_il426.exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\vioplayerv (1).exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\vioplayerv (2).exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\vioplayerv (3).exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\vioplayerv (4).exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\vioplayerv (5).exe => Moved successfully.
C:\Users\oneinc\Downloads\22.04.14\vioplayerv.exe => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3902786967-1432057805-4090323964-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
EmptyTemp: => Removed 365.6 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 22:15:49 ====

Alt 08.01.2015, 23:04   #11
schrauber
/// the machine
/// TB-Ausbilder
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.01.2015, 23:46   #12
Coppelius5s
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Super besten Dank

Eine Frage
Können wir meinen Laptop auch Überprüfen?

Viele Grüße


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by ThinkPad (administrator) on THINKPAD-LAPTOP on 08-01-2015 23:28:53
Running from C:\Users\ThinkPad\Desktop
Loaded Profile: ThinkPad (Available profiles: ThinkPad)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\sp6\LU1\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\sp6\LU1\LogitechUpdate.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PSQLLauncher] => C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [86312 2013-03-05] (Authentec Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2014-10-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295712 2014-08-07] (Lenovo Group Limited)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\SYSTEM32\TpShocks.exe [384344 2014-02-17] (Lenovo.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13535304 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4876016 2014-01-08] (Intel(R) Corporation)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63776 2014-07-10] (Lenovo)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [SkyDrive] => C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [Facebook Update] => C:\Users\ThinkPad\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-07-22] (Facebook Inc.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22058592 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [1792376 2014-10-03] (TomTom)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\RunOnce: [Uninstall C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\RunOnce: [Uninstall C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\RunOnce: [Uninstall C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\RunOnce: [Uninstall C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\RunOnce: [Uninstall C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-11-11] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ThinkPad\AppData\Roaming\Mozilla\Firefox\Profiles\v1qxms2d.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3819069072-1018984685-1124821356-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ThinkPad\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: Adblock Plus - C:\Users\ThinkPad\AppData\Roaming\Mozilla\Firefox\Profiles\v1qxms2d.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-21]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-08]
FF HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-03-30]

Chrome: 
=======
CHR Profile: C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-08]
CHR Extension: (Google Drive) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-08]
CHR Extension: (µBlock) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2014-10-21]
CHR Extension: (Google-Suche) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-08]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-10-21]
CHR Extension: (AdBlock Premium) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj [2014-10-21]
CHR Extension: (Avast Online Security) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-08]
CHR Extension: (Ghostery) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-10-21]
CHR Extension: (Google Wallet) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08]
CHR Extension: (Google Mail) - C:\Users\ThinkPad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-27]
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-27] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-27] (Avast Software)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [1008344 2013-05-14] (Broadcom Corporation.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [319536 2014-09-10] (Lenovo.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-13] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197408 2014-08-07] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-27] ()
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2013-03-27] (Broadcom Corporation.)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [260712 2012-01-30] (Realtek Semiconductor Corp.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (Authentec Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-27] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 23:28 - 2015-01-08 23:29 - 00025194 _____ () C:\Users\ThinkPad\Desktop\FRST.txt
2015-01-08 23:28 - 2015-01-08 23:28 - 02124288 _____ (Farbar) C:\Users\ThinkPad\Desktop\FRST64.exe
2015-01-08 23:28 - 2015-01-08 23:28 - 00000000 ____D () C:\FRST
2015-01-08 23:27 - 2015-01-08 23:28 - 00050477 _____ () C:\Users\ThinkPad\Desktop\Defogger.exe
2015-01-08 23:27 - 2015-01-08 23:27 - 00380416 _____ () C:\Users\ThinkPad\Desktop\9hpdc1oo.exe
2015-01-08 14:11 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-08 14:11 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-01-08 14:11 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-08 14:11 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-08 14:11 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-01-08 14:11 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-01-08 14:10 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-01-08 14:10 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-07 20:24 - 2015-01-07 20:27 - 00000000 ____D () C:\Users\ThinkPad\AppData\Local\SimilarImages
2015-01-07 20:24 - 2015-01-07 20:24 - 00000047 _____ () C:\ProgramData\.SimImages
2015-01-07 20:21 - 2015-01-07 20:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimilarImages
2015-01-07 20:21 - 2015-01-07 20:21 - 00000000 ____D () C:\Program Files (x86)\SimilarImages
2015-01-07 20:20 - 2015-01-07 20:21 - 09337248 _____ () C:\Users\ThinkPad\Downloads\setup-SimilarImages-2013.11.exe
2015-01-07 17:49 - 2015-01-07 17:49 - 00000310 _____ () C:\Windows\PFRO.log
2015-01-07 17:46 - 2015-01-07 17:48 - 00000000 ____D () C:\AdwCleaner
2015-01-07 17:45 - 2015-01-07 17:46 - 02173952 _____ () C:\Users\ThinkPad\Downloads\adwcleaner_4.106.exe
2015-01-07 17:45 - 2015-01-07 17:45 - 00001055 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-01-07 17:45 - 2015-01-07 17:45 - 00000000 ____D () C:\Users\ThinkPad\AppData\Local\VS Revo Group
2015-01-07 17:45 - 2015-01-07 17:45 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-01-07 17:45 - 2015-01-07 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-01-07 17:45 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-01-07 17:44 - 2015-01-07 17:44 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-07 17:43 - 2015-01-07 17:43 - 10801480 _____ (VS Revo Group ) C:\Users\ThinkPad\Downloads\RevoUninProSetup.exe
2015-01-07 13:37 - 2015-01-08 13:54 - 00000764 _____ () C:\Windows\setupact.log
2015-01-07 13:37 - 2015-01-07 13:37 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 01:14 - 2015-01-07 01:14 - 00053296 _____ () C:\Users\ThinkPad\Documents\cc_20150107_011423.reg
2015-01-07 01:13 - 2015-01-07 01:13 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-01-07 01:12 - 2015-01-07 01:12 - 04188536 _____ (Piriform Ltd) C:\Users\ThinkPad\Downloads\ccsetup501_slim.exe
2015-01-07 01:12 - 2015-01-07 01:12 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-06 21:21 - 2014-10-17 14:00 - 00376584 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2014-12-12 20:13 - 2014-12-12 20:13 - 00007605 _____ () C:\Users\ThinkPad\AppData\Local\Resmon.ResmonCfg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 23:28 - 2013-11-09 16:12 - 01375785 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 23:26 - 2013-11-08 16:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 23:25 - 2014-11-26 20:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 23:25 - 2014-07-22 12:20 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819069072-1018984685-1124821356-1000UA.job
2015-01-08 23:25 - 2013-11-08 17:26 - 01596216 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-08 23:25 - 2013-11-08 16:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 23:25 - 2009-07-14 18:58 - 00700186 _____ () C:\Windows\system32\perfh007.dat
2015-01-08 23:25 - 2009-07-14 18:58 - 00150070 _____ () C:\Windows\system32\perfc007.dat
2015-01-08 23:25 - 2009-07-14 06:13 - 01596216 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-08 14:08 - 2014-07-22 12:20 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819069072-1018984685-1124821356-1000Core.job
2015-01-08 13:53 - 2013-11-08 16:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-01-08 01:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-01-07 20:22 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 20:22 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 20:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-07 17:51 - 2013-12-28 03:12 - 00000000 ____D () C:\Users\ThinkPad\AppData\Roaming\Skype
2015-01-07 17:50 - 2013-11-08 18:41 - 00000000 ___RD () C:\Users\ThinkPad\SkyDrive
2015-01-07 17:49 - 2014-11-21 22:53 - 00000000 ___RD () C:\Users\ThinkPad\iCloudDrive
2015-01-07 17:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 17:48 - 2013-11-09 16:12 - 00000961 _____ () C:\Users\ThinkPad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-07 17:48 - 2013-11-08 16:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-07 02:18 - 2014-07-25 17:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-07 01:14 - 2013-11-09 00:06 - 00000000 ____D () C:\Windows\Panther
2015-01-06 21:25 - 2013-11-08 17:20 - 00000000 ____D () C:\Program Files\Elantech
2015-01-06 21:21 - 2014-03-30 01:56 - 00001577 _____ () C:\Windows\Delfg.cmd
2015-01-06 21:21 - 2014-03-30 01:56 - 00000146 _____ () C:\Windows\launchpw.cmd
2015-01-06 21:21 - 2014-03-30 01:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage
2015-01-06 21:21 - 2013-11-08 17:18 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-01-06 21:20 - 2014-03-30 01:56 - 00000006 _____ () C:\Windows\systemtype.txt
2015-01-06 21:20 - 2013-11-08 17:18 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-06 21:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2015-01-06 21:19 - 2014-03-30 02:01 - 00003020 _____ () C:\Windows\System32\Tasks\PMTask
2015-01-06 21:19 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2014-12-23 20:11 - 2013-11-08 18:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-23 19:40 - 2014-07-25 17:38 - 00001082 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-23 19:40 - 2014-07-25 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-23 19:40 - 2014-07-25 17:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-23 00:14 - 2014-06-07 14:08 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1383925250
2014-12-23 00:14 - 2013-11-08 16:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-12 20:08 - 2014-03-21 12:52 - 00000000 ____D () C:\Windows\System32\Tasks\TVT
2014-12-11 21:57 - 2014-11-26 20:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-11 21:57 - 2013-11-08 18:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 21:57 - 2013-11-08 18:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\ThinkPad\AppData\Local\Temp\Quarantine.exe
C:\Users\ThinkPad\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ThinkPad\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-04 22:23

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by ThinkPad at 2015-01-08 23:29:24
Running from C:\Users\ThinkPad\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.42.20 - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.4 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.66.3 - Lenovo Group Limited)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.12 - )
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.16.0 - Lenovo)
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Solution Center (HKLM\...\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}) (Version: 2.7.003.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3819069072-1018984685-1124821356-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
Nalpeiron License Management (x32 Version: 6.3.9.1 - Nalpeiron) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.80.218.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29011 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2013.11 - Nils Maier)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2014 - Abelssoft)
SSD Tweaker version 3.0.7 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.0.7 - Elpamsoft.com)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad UltraNav Driver (HKLM\...\Elantech) (Version: 11.4.30.3 - ELAN Microelectronic Corp.)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.23 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{F58DA859-016E-492D-A588-317D9BB28002}) (Version: 5.9.9.7282 - Authentec Inc.)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.70.2.0 - Lenovo Group Limited)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo)
version 11.4.30.1 (g3gx18ww) (HKLM-x32\...\{g3gx18ww}}_is1) (Version:  - Lenovo Group Limited)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3819069072-1018984685-1124821356-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3819069072-1018984685-1124821356-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3819069072-1018984685-1124821356-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3819069072-1018984685-1124821356-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3819069072-1018984685-1124821356-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

01-01-2015 23:15:16 OTL Restore Point - 01.01.2015 23:15:16
06-01-2015 21:19:07 Installiert Energie-Manager
08-01-2015 14:10:18 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09B99608-612D-4237-954E-0C2AAA758D05} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {131F1B7F-AA31-4B85-8E6C-CA2F38EAEE3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {187E681E-EB8B-4029-88FB-36FDFFE386AF} - System32\Tasks\Opera scheduled Autoupdate 1383925250 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {18BC37B6-9E41-49F1-B629-030D337D29A2} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {1D0C274B-5284-4AE6-A8FD-9C41A4227548} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2014-09-10] (Lenovo Group Limited)
Task: {29828C67-2F74-4350-A580-C10F36C7CBAA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-27] (AVAST Software)
Task: {48A990E1-D2D7-4FB1-9A1B-4CE64A3731FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {6124D34C-837A-40E1-AA21-F4AE05C9DFF6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2014-10-16] (Lenovo)
Task: {66585248-5E10-4EC1-BFCC-B517F603237B} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {6A0AE526-5FEF-4784-940B-BBAA56F81B65} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe [2014-10-16] ()
Task: {6FECF9A8-2352-442D-AC9F-B3F6B524B6A4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {A0A8E9CE-B874-47A7-95C3-2DC046BC9435} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)
Task: {BAD13243-8902-49E6-9FAB-B9238D37E3FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {CEC8F5FC-F442-422F-8FAE-FBE052356A28} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2014-10-16] (Lenovo)
Task: {DDFE3B6E-19BE-4FDA-BAFF-5E02F91C0DF3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2014-10-16] ()
Task: {E6F7011B-1E5F-4E0C-8B87-88263302D5FA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3819069072-1018984685-1124821356-1000UA => C:\Users\ThinkPad\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-22] (Facebook Inc.)
Task: {F155557D-43FC-4475-B153-F36494BEB780} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-10-16] (Lenovo)
Task: {F8F8F2C8-38D9-4E17-99F7-B3B1DA2A65FC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3819069072-1018984685-1124821356-1000Core => C:\Users\ThinkPad\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-07-22] (Facebook Inc.)
Task: {FC0B0A99-7C43-4DE7-917E-F991623A4EA8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819069072-1018984685-1124821356-1000Core.job => C:\Users\ThinkPad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3819069072-1018984685-1124821356-1000UA.job => C:\Users\ThinkPad\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-11-27 23:44 - 2014-11-27 23:44 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-27 23:44 - 2014-11-27 23:44 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2013-11-08 17:35 - 2012-03-19 15:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-07-11 14:37 - 2014-10-21 10:29 - 00601376 _____ () C:\Program Files\Lenovo\Password Manager\pwm_website_config.dll
2013-11-08 20:17 - 2014-09-10 06:06 - 00117760 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2014-12-12 23:24 - 2014-12-12 23:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-23 00:14 - 2014-12-23 00:14 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
2015-01-07 13:37 - 2015-01-07 13:37 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010700\algo.dll
2014-11-27 23:44 - 2014-11-27 23:44 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-08 23:25 - 2015-01-08 23:25 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010801\algo.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2013-11-08 20:57 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2013-11-08 20:57 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-09-25 10:42 - 2014-09-25 10:42 - 00081056 _____ () C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-10-21 10:26 - 2014-10-21 10:26 - 00546592 _____ () C:\Program Files (x86)\Lenovo\Password Manager\pwm_website_config.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00026488 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00087416 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2014-10-03 13:04 - 2014-10-03 13:04 - 00398712 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2014-11-27 23:44 - 2014-11-27 23:44 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-21 00:38 - 2013-05-13 15:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-25 10:42 - 2014-09-25 10:42 - 00081056 _____ () C:\Users\ThinkPad\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2014-12-23 00:14 - 2014-12-23 00:14 - 01358456 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libglesv2.dll
2014-12-23 00:14 - 2014-12-23 00:14 - 00219256 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libegl.dll
2014-12-23 00:14 - 2014-12-23 00:14 - 09312888 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\pdf.dll
2014-12-23 00:14 - 2014-12-23 00:14 - 00991352 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3819069072-1018984685-1124821356-500 - Administrator - Disabled)
Gast (S-1-5-21-3819069072-1018984685-1124821356-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3819069072-1018984685-1124821356-1002 - Limited - Enabled)
ThinkPad (S-1-5-21-3819069072-1018984685-1124821356-1000 - Administrator - Enabled) => C:\Users\ThinkPad

==================== Faulty Device Manager Devices =============

Name: ThinkPad Bluetooth 4.0
Description: ThinkPad Bluetooth 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 11:25:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002a8b4
ID des fehlerhaften Prozesses: 0x10b0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (01/06/2015 07:47:45 PM) (Source: Google Update) (EventID: 20) (User: ThinkPad-Laptop)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (01/03/2015 07:32:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044

Error: (01/03/2015 07:32:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044

Error: (01/03/2015 07:32:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/03/2015 07:32:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1046

Error: (01/03/2015 07:32:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1046

Error: (01/03/2015 07:32:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/02/2015 00:18:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (01/02/2015 00:18:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014


System errors:
=============
Error: (01/07/2015 05:49:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (01/07/2015 05:49:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (01/07/2015 05:48:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/07/2015 05:48:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/07/2015 05:48:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/07/2015 05:48:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (01/07/2015 05:48:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/07/2015 05:48:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Power Manager Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2015 05:48:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2015 05:48:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (01/08/2015 11:25:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ole32.dll6.1.7601.175144ce7c92cc0000005000000000002a8b410b001d02a99e6beab2bC:\Windows\Explorer.EXEC:\Windows\system32\ole32.dll3ebff183-9785-11e4-9df3-3c970ec1ddea

Error: (01/06/2015 07:47:45 PM) (Source: Google Update) (EventID: 20) (User: ThinkPad-Laptop)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (01/03/2015 07:32:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044

Error: (01/03/2015 07:32:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044

Error: (01/03/2015 07:32:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/03/2015 07:32:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1046

Error: (01/03/2015 07:32:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1046

Error: (01/03/2015 07:32:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/02/2015 00:18:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (01/02/2015 00:18:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014


CodeIntegrity Errors:
===================================
  Date: 2015-01-06 21:27:48.970
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:17:52.084
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:01:53.454
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:01:50.753
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:01:32.426
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:01:23.036
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:01:11.767
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-26 23:01:08.059
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-27 23:46:50.373
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-21 22:54:59.671
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 91%
Total physical RAM: 3671.87 MB
Available physical RAM: 307.39 MB
Total Pagefile: 7341.91 MB
Available Pagefile: 3548.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:59.62 GB) (Free:9.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:52.16 GB) (Free:52.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 917C82C9)
Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=52.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-08 23:34:40
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Crucial_ rev.MU03 111,79GB
Running: 9hpdc1oo.exe; Driver: C:\Users\ThinkPad\AppData\Local\Temp\awayruoc.sys


---- Threads - GMER 2.1 ----

Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [10192:9140]  0000000076a27587
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [10192:9448]  00000000629d7712
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [10192:8060]  0000000077172e65
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [10192:9952]  0000000077173e85
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [10192:3432]  0000000077173e85

---- EOF - GMER 2.1 ----
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 08.01.2015
Suchlauf-Zeit: 23:37:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.08.16
Rootkit Datenbank: v2015.01.07.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ThinkPad

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332009
Verstrichene Zeit: 7 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

Alt 09.01.2015, 09:17   #13
schrauber
/// the machine
/// TB-Ausbilder
 
Win 8.1 : Internet plötzlich sehr langsam - Standard

Win 8.1 : Internet plötzlich sehr langsam


Was haste denn für Probleme mit dem Laptop?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win 8.1 : Internet plötzlich sehr langsam
aktualisiert, anhang, anschluss, bedrohungen, beheben, benutzung, gen, gmer, infos, interne, internet, internetanschluss, langsam, malwarebytes, min, plötzlich, problem, programme, programmen, prozessor, ram, stürzt, troja, versuche, win


« Blau unterstrichene Wörter mit Werbung erscheinen bei Firefox | adfoc.us ruft unerwünschte websites auf »


Ähnliche Themen: Win 8.1 : Internet plötzlich sehr langsam


  1. Pc plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 10.04.2015 (14)
  2. Windows 8: Internet plötzlich sehr langsam!
    Log-Analyse und Auswertung - 10.01.2014 (13)
  3. Internet und PC plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (11)
  4. PC plötzlich sehr, sehr langsam - evtl. neues update Adobe Flashplayer? kein Virus gefunden...
    Log-Analyse und Auswertung - 05.10.2011 (15)
  5. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 19.09.2011 (7)
  6. Internet plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 27.06.2011 (7)
  7. Mein Internet ist plötzlich sehr langsam geworden...
    Log-Analyse und Auswertung - 24.06.2011 (29)
  8. Internet plötzlich sehr langsam/ seltsames router-log
    Log-Analyse und Auswertung - 12.01.2010 (2)
  9. Windows 7 RC Rechner u. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 23.11.2009 (4)
  10. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 16.06.2009 (0)
  11. System plötzlich sehr langsam
    Log-Analyse und Auswertung - 06.04.2009 (0)
  12. Internet plötzlich sehr langsam geworden
    Mülltonne - 25.12.2008 (0)
  13. Laptop plötzlich sehr sehr langsam
    Log-Analyse und Auswertung - 24.09.2008 (1)
  14. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 28.08.2008 (0)
  15. Internet plötzlich sehr langsam...Hilfe bei der Logfileauswertung
    Log-Analyse und Auswertung - 25.08.2008 (2)
  16. Internet ist plötzlich sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 19.07.2008 (2)
  17. Internet plötzlich sehr langsam
    Log-Analyse und Auswertung - 18.06.2008 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Win 8.1 : Internet plötzlich sehr langsam - Hallo Trojaner-Board Team, seit ca. einem Monat verlangsamt sich mein Internetanschluss nach ca. 5-10 min Benutzung ohne ersichtlichen Grund. Ich habe schon einige Versuche unternommen, dass Problem zu beheben, alle - Win 8.1 : Internet plötzlich sehr langsam...
Archiv
Du betrachtest: Win 8.1 : Internet plötzlich sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55