| |
| |||||||
Log-Analyse und Auswertung: Zunehmende Verzögerung im Seitenaufbau mit FirefoxWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.02.2015, 22:29
| #1 |
 |  Zunehmende Verzögerung im Seitenaufbau mit Firefox Windows 7, 32 Bit Home-Version. Seit Tagen - immer mehr zunehmend - öffnen sich Seiten im Internet nur sehr langsam, manchmal überhaupt nicht, sodass ich abbrechen muss. Komischerweise laden sie dann wenig später ohne Probleme. Dies betrifft auch Seiten, die ich als Lesezeichen abgespeichert habe. Als Viren-Programm habe ich Avast, es zeigte nichts an. Den sog. Virus-Container konnte ich leider nicht kopieren, aber der letzte gefundene Virus datiert vom 18.11.2014. Vor ein paar Tagen habe ich den CCleaner drüber laufen lassen, wie üblich hat er viele Restspuren beseitigt, die Probleme sind geblieben. HJackThis habe ich zuletzt am 19.01.2015 drüber laufen lassen (Protokoll füge ich bei), er zeigte mir nur einen Eintrag an, der gefixt werden sollte. Diesen konnte ich aber nicht entfernen. Den Cache leere ich regelmäßig, es ändert sich dann aber trotzdem nichts. Den IE habe ich nicht ausprobiert, den meide ich konsequent. Evtl. wichtig. Seit kurzer Zeit dauert auch das Öffnen von Word-Dateien hier und da (aber selten) länger als gewohnt. Auch sind Word-Dateien verschwunden, aber nicht im Papierkorb gelandet (ist evtl. eine andere „Baustelle“, wollte es nur erwähnen). Danke vorab! Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:04 on 13/02/2015 (Admin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2015
Ran by Heinz-Willi (ATTENTION: The logged in user is not administrator) on HEINZ-WILLI-PC on 13-02-2015 21:07:28
Running from C:\Users\Heinz-Willi\Downloads
Loaded Profiles: Heinz-Willi & Admin (Available profiles: Heinz-Willi & Admin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> winlogon.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> AvastSvc.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> E_S50ST7.EXE
Failed to access process -> E_S50RP7.EXE
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> WUDFHost.exe
Failed to access process -> AvastVBoxSVC.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> taskeng.exe
Failed to access process -> GoogleUpdate.exe
Failed to access process -> GoogleCrashHandler.exe
Failed to access process -> VSSVC.exe
Failed to access process -> svchost.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> wmpnetwk.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
Failed to access process -> svchost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
Failed to access process -> OSPPSVC.EXE
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2000-01-01] (Realtek Semiconductor)
HKU\S-1-5-21-724745677-1146776812-3954023175-1001\...\Run: [EPSON BX305 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGJE.EXE [200704 2009-09-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-724745677-1146776812-3954023175-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-724745677-1146776812-3954023175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: [S-1-5-21-724745677-1146776812-3954023175-1003] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Heinz-Willi\AppData\Roaming\Mozilla\Firefox\Profiles\5t753svr.default-1414089825985
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\Heinz-Willi\AppData\Roaming\Mozilla\Firefox\Profiles\5t753svr.default-1414089825985\Extensions\toolbar@web.de [2014-10-24]
FF Extension: Referrer Control - C:\Users\Heinz-Willi\AppData\Roaming\Mozilla\Firefox\Profiles\5t753svr.default-1414089825985\Extensions\referrercontrol@qixinglu.com.xpi [2014-12-19]
FF Extension: Adblock Plus - C:\Users\Heinz-Willi\AppData\Roaming\Mozilla\Firefox\Profiles\5t753svr.default-1414089825985\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-01]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-14]
CHR Extension: (Google Docs) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-14]
CHR Extension: (Google Drive) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-14]
CHR Extension: (YouTube) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-14]
CHR Extension: (Google-Suche) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-14]
CHR Extension: (Google Tabellen) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-14]
CHR Extension: (avast! Online Security) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-14]
CHR Extension: (Google Wallet) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-14]
CHR Extension: (Google Mail) - C:\Users\Heinz-Willi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-14]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-12-02] (Avast Software)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2009-09-13] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2009-09-13] (SEIKO EPSON CORPORATION)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-02] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [11232 2015-02-11] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-12-02] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-13 21:07 - 2015-02-13 21:07 - 00012211 _____ () C:\Users\Heinz-Willi\Downloads\FRST.txt
2015-02-13 21:07 - 2015-02-13 21:07 - 00000000 ____D () C:\FRST
2015-02-13 21:06 - 2015-02-13 21:06 - 01125376 _____ (Farbar) C:\Users\Heinz-Willi\Downloads\FRST.exe
2015-02-13 21:05 - 2015-02-13 21:05 - 00050477 _____ () C:\Users\Heinz-Willi\Downloads\Defogger(1).exe
2015-02-13 21:03 - 2015-02-13 21:04 - 00000472 _____ () C:\Users\Heinz-Willi\Downloads\defogger_disable.log
2015-02-13 21:03 - 2015-02-13 21:03 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-02-13 21:01 - 2015-02-13 21:01 - 00050477 _____ () C:\Users\Heinz-Willi\Downloads\Defogger.exe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Adobe
2015-02-13 20:43 - 2015-02-13 20:43 - 00000197 _____ () C:\Windows\system32\2015-02-13-19-43-00.060-AvastVBoxSVC.exe-2128.log
2015-02-13 16:41 - 2015-02-13 16:41 - 00000197 _____ () C:\Windows\system32\2015-02-13-15-41-33.018-AvastVBoxSVC.exe-2456.log
2015-02-13 14:28 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 14:28 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 14:23 - 2015-02-13 14:23 - 00000197 _____ () C:\Windows\system32\2015-02-13-13-23-38.053-AvastVBoxSVC.exe-2512.log
2015-02-12 21:50 - 2015-02-12 21:51 - 00000197 _____ () C:\Windows\system32\2015-02-12-20-50-56.080-AvastVBoxSVC.exe-2196.log
2015-02-12 18:35 - 2015-02-12 18:35 - 00000197 _____ () C:\Windows\system32\2015-02-12-17-35-02.049-AvastVBoxSVC.exe-3348.log
2015-02-12 14:21 - 2015-02-12 14:21 - 00000197 _____ () C:\Windows\system32\2015-02-12-13-21-21.046-AvastVBoxSVC.exe-2076.log
2015-02-12 11:23 - 2015-02-12 11:23 - 00000197 _____ () C:\Windows\system32\2015-02-12-10-23-21.090-AvastVBoxSVC.exe-2116.log
2015-02-12 10:59 - 2015-02-12 10:59 - 00000197 _____ () C:\Windows\system32\2015-02-12-09-59-23.031-AvastVBoxSVC.exe-2904.log
2015-02-12 00:37 - 2015-02-12 00:37 - 00000197 _____ () C:\Windows\system32\2015-02-11-23-37-12.070-AvastVBoxSVC.exe-2088.log
2015-02-11 22:19 - 2015-02-11 22:19 - 00011856 _____ () C:\Users\Heinz-Willi\Downloads\artmedic_wissensquiz.zip
2015-02-11 21:19 - 2015-02-11 21:19 - 00000197 _____ () C:\Windows\system32\2015-02-11-20-19-02.014-AvastVBoxSVC.exe-2428.log
2015-02-11 19:55 - 2015-02-11 19:55 - 00000197 _____ () C:\Windows\system32\2015-02-11-18-55-12.077-AvastVBoxSVC.exe-2124.log
2015-02-11 15:54 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 15:53 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 15:53 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 15:53 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 15:53 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 15:53 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 15:53 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 15:53 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 15:53 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 15:53 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 15:53 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 15:53 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 15:53 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 15:53 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 15:53 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:53 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 15:53 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 15:52 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 15:52 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:52 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 15:52 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 15:52 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 15:52 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:52 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 15:52 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 15:52 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:52 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:52 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 15:52 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 15:52 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 15:52 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 15:52 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 15:52 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:52 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:52 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 15:52 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:52 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 15:52 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 15:52 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 15:52 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 15:52 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 15:52 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 15:52 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:52 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 15:52 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 15:52 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 15:52 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 15:51 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:51 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:51 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:49 - 2015-02-11 15:49 - 00000197 _____ () C:\Windows\system32\2015-02-11-14-49-02.070-AvastVBoxSVC.exe-2108.log
2015-02-11 14:10 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:10 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:10 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 11:54 - 2015-02-11 11:54 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-54-39.085-AvastVBoxSVC.exe-2056.log
2015-02-11 02:25 - 2015-02-11 02:25 - 00000197 _____ () C:\Windows\system32\2015-02-11-01-25-14.050-AvastVBoxSVC.exe-2652.log
2015-02-11 02:20 - 2015-02-11 02:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-11 02:20 - 2015-02-11 02:20 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-02-11 02:19 - 2000-01-01 01:00 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-02-11 02:19 - 2000-01-01 01:00 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-02-11 02:19 - 2000-01-01 01:00 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-02-11 02:19 - 2000-01-01 01:00 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-02-11 02:19 - 2000-01-01 01:00 - 01823320 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-02-11 02:19 - 2000-01-01 01:00 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00966904 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00948336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00818936 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00606968 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00219896 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-02-11 02:18 - 2015-02-11 02:20 - 00000000 ___HD () C:\Program Files\Temp
2015-02-11 02:18 - 2015-02-11 02:18 - 00000000 ____D () C:\Program Files\Realtek
2015-02-11 02:18 - 2000-01-01 01:00 - 06177624 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01940056 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01490264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00966744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00274264 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00221528 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2015-02-11 02:11 - 2015-02-11 02:11 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-02-11 02:08 - 2015-02-13 20:42 - 00000386 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-02-11 02:08 - 2015-02-11 02:08 - 00011232 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-02-11 02:08 - 2015-02-11 02:08 - 00002455 _____ () C:\Users\Public\Desktop\SlimDrivers.lnk
2015-02-11 02:08 - 2015-02-11 02:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-02-11 02:07 - 2015-02-11 02:07 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Heinz-Willi\Downloads\slimdrivers-setup.exe
2015-02-11 02:03 - 2015-02-11 02:05 - 26012864 _____ () C:\Users\Heinz-Willi\Downloads\GoogleEarthProWin.exe
2015-02-10 22:44 - 2015-02-10 22:44 - 00000197 _____ () C:\Windows\system32\2015-02-10-21-44-52.058-AvastVBoxSVC.exe-2596.log
2015-02-10 18:48 - 2015-02-10 18:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-48-01.028-AvastVBoxSVC.exe-2288.log
2015-02-10 16:12 - 2015-02-10 16:12 - 00000197 _____ () C:\Windows\system32\2015-02-10-15-12-34.022-AvastVBoxSVC.exe-2088.log
2015-02-10 11:02 - 2015-02-10 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-10-10-02-32.012-AvastVBoxSVC.exe-2152.log
2015-02-09 23:30 - 2015-02-09 23:31 - 00000197 _____ () C:\Windows\system32\2015-02-09-22-30-23.042-AvastVBoxSVC.exe-2476.log
2015-02-09 20:29 - 2015-02-09 20:29 - 00000197 _____ () C:\Windows\system32\2015-02-09-19-29-35.048-AvastVBoxSVC.exe-2684.log
2015-02-09 19:28 - 2015-02-09 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-09-18-28-52.046-AvastVBoxSVC.exe-2752.log
2015-02-09 12:00 - 2015-02-09 12:00 - 00000197 _____ () C:\Windows\system32\2015-02-09-11-00-11.092-AvastVBoxSVC.exe-2244.log
2015-02-08 18:56 - 2015-02-08 18:56 - 00000197 _____ () C:\Windows\system32\2015-02-08-17-56-04.058-AvastVBoxSVC.exe-2224.log
2015-02-08 00:45 - 2015-02-08 00:45 - 00000197 _____ () C:\Windows\system32\2015-02-07-23-45-39.008-AvastVBoxSVC.exe-2128.log
2015-02-07 21:46 - 2015-02-07 21:46 - 00000197 _____ () C:\Windows\system32\2015-02-07-20-46-27.068-AvastVBoxSVC.exe-2532.log
2015-02-07 17:06 - 2015-02-07 17:06 - 00000197 _____ () C:\Windows\system32\2015-02-07-16-06-02.080-AvastVBoxSVC.exe-3008.log
2015-02-07 15:45 - 2015-02-07 15:45 - 00000197 _____ () C:\Windows\system32\2015-02-07-14-45-38.065-AvastVBoxSVC.exe-3964.log
2015-02-07 12:11 - 2015-02-07 12:12 - 00000197 _____ () C:\Windows\system32\2015-02-07-11-11-59.093-AvastVBoxSVC.exe-1776.log
2015-02-07 06:00 - 2015-02-07 06:00 - 00000197 _____ () C:\Windows\system32\2015-02-07-05-00-20.040-AvastVBoxSVC.exe-2084.log
2015-02-07 03:25 - 2015-02-07 03:26 - 00000197 _____ () C:\Windows\system32\2015-02-07-02-25-54.086-AvastVBoxSVC.exe-1192.log
2015-02-06 23:20 - 2015-02-06 23:21 - 00000197 _____ () C:\Windows\system32\2015-02-06-22-20-57.083-AvastVBoxSVC.exe-1236.log
2015-02-06 19:18 - 2015-02-06 19:19 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-18-59.064-AvastVBoxSVC.exe-2624.log
2015-02-06 17:00 - 2015-02-06 17:00 - 00000197 _____ () C:\Windows\system32\2015-02-06-16-00-39.077-AvastVBoxSVC.exe-2216.log
2015-02-06 11:16 - 2015-02-06 11:16 - 00000197 _____ () C:\Windows\system32\2015-02-06-10-16-52.000-AvastVBoxSVC.exe-2064.log
2015-02-05 19:04 - 2015-02-05 19:04 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-04-03.080-AvastVBoxSVC.exe-2172.log
2015-02-05 16:02 - 2015-02-05 16:02 - 00000197 _____ () C:\Windows\system32\2015-02-05-15-02-06.084-AvastVBoxSVC.exe-2156.log
2015-02-05 01:57 - 2015-02-05 01:57 - 00000197 _____ () C:\Windows\system32\2015-02-05-00-57-05.041-AvastVBoxSVC.exe-2256.log
2015-02-04 23:06 - 2015-02-04 23:06 - 00000197 _____ () C:\Windows\system32\2015-02-04-22-06-41.043-AvastVBoxSVC.exe-2188.log
2015-02-04 19:45 - 2015-02-04 19:45 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-45-36.057-AvastVBoxSVC.exe-2188.log
2015-02-04 17:33 - 2015-02-04 17:34 - 00000197 _____ () C:\Windows\system32\2015-02-04-16-33-52.045-AvastVBoxSVC.exe-2248.log
2015-02-04 04:15 - 2015-02-04 04:15 - 00000197 _____ () C:\Windows\system32\2015-02-04-03-15-30.000-AvastVBoxSVC.exe-2164.log
2015-02-03 18:22 - 2015-02-03 18:22 - 00000197 _____ () C:\Windows\system32\2015-02-03-17-22-52.088-AvastVBoxSVC.exe-2124.log
2015-02-03 16:06 - 2015-02-03 16:06 - 00000197 _____ () C:\Windows\system32\2015-02-03-15-06-04.054-AvastVBoxSVC.exe-2456.log
2015-02-03 12:21 - 2015-02-03 12:22 - 00000197 _____ () C:\Windows\system32\2015-02-03-11-21-23.021-AvastVBoxSVC.exe-1368.log
2015-02-03 00:32 - 2015-02-03 00:32 - 00000197 _____ () C:\Windows\system32\2015-02-02-23-32-38.035-AvastVBoxSVC.exe-1284.log
2015-02-02 21:35 - 2015-02-02 21:36 - 00000197 _____ () C:\Windows\system32\2015-02-02-20-35-31.055-AvastVBoxSVC.exe-2272.log
2015-02-02 17:01 - 2015-02-02 17:01 - 00000197 _____ () C:\Windows\system32\2015-02-02-16-01-45.075-AvastVBoxSVC.exe-2124.log
2015-02-01 23:52 - 2015-02-01 23:52 - 00000197 _____ () C:\Windows\system32\2015-02-01-22-52-42.025-AvastVBoxSVC.exe-2348.log
2015-02-01 18:22 - 2015-02-01 18:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-22-12.012-AvastVBoxSVC.exe-2612.log
2015-02-01 13:43 - 2015-02-01 13:44 - 00000197 _____ () C:\Windows\system32\2015-02-01-12-43-31.060-AvastVBoxSVC.exe-2272.log
2015-02-01 04:08 - 2015-02-01 04:08 - 00000197 _____ () C:\Windows\system32\2015-02-01-03-08-32.065-AvastVBoxSVC.exe-2196.log
2015-01-31 21:40 - 2015-01-31 21:40 - 00000247 _____ () C:\Windows\system32\2015-01-31-20-40-48.099-aswFe.exe-668.log
2015-01-31 21:35 - 2015-01-31 21:40 - 00000247 _____ () C:\Windows\system32\2015-01-31-20-35-54.040-aswFe.exe-1852.log
2015-01-31 21:35 - 2015-01-31 21:35 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-35-51.005-AvastVBoxSVC.exe-3968.log
2015-01-31 16:05 - 2015-01-31 16:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-15-05-54.017-AvastVBoxSVC.exe-2384.log
2015-01-31 16:02 - 2015-01-31 16:02 - 00777920 _____ (Aff) C:\Users\Heinz-Willi\Downloads\FlvPlayerSetup.exe
2015-01-31 15:54 - 2015-01-31 15:54 - 00808512 _____ (CoinisRS) C:\Users\Heinz-Willi\Downloads\adobe_flash_setup.exe
2015-01-31 15:54 - 2015-01-31 15:54 - 00808512 _____ (CoinisRS) C:\Users\Heinz-Willi\Downloads\adobe_flash_setup(1).exe
2015-01-31 13:39 - 2015-01-31 13:39 - 00000197 _____ () C:\Windows\system32\2015-01-31-12-39-22.048-AvastVBoxSVC.exe-2212.log
2015-01-31 11:56 - 2015-01-31 11:56 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-56-04.067-AvastVBoxSVC.exe-2588.log
2015-01-31 04:12 - 2015-01-31 04:12 - 00000197 _____ () C:\Windows\system32\2015-01-31-03-12-46.022-AvastVBoxSVC.exe-2216.log
2015-01-30 23:20 - 2015-01-30 23:20 - 00000197 _____ () C:\Windows\system32\2015-01-30-22-20-07.012-AvastVBoxSVC.exe-2088.log
2015-01-30 22:33 - 2015-01-30 22:33 - 00000197 _____ () C:\Windows\system32\2015-01-30-21-33-04.032-AvastVBoxSVC.exe-1216.log
2015-01-30 17:29 - 2015-01-30 17:30 - 00000197 _____ () C:\Windows\system32\2015-01-30-16-29-52.017-AvastVBoxSVC.exe-2508.log
2015-01-30 15:36 - 2015-01-30 15:36 - 00000197 _____ () C:\Windows\system32\2015-01-30-14-36-58.096-AvastVBoxSVC.exe-2112.log
2015-01-30 09:25 - 2015-01-30 09:25 - 00000197 _____ () C:\Windows\system32\2015-01-30-08-25-38.049-AvastVBoxSVC.exe-2912.log
2015-01-30 06:43 - 2015-01-30 06:43 - 00000197 _____ () C:\Windows\system32\2015-01-30-05-43-11.006-AvastVBoxSVC.exe-2356.log
2015-01-29 21:30 - 2015-01-29 21:30 - 00000197 _____ () C:\Windows\system32\2015-01-29-20-30-09.097-AvastVBoxSVC.exe-2664.log
2015-01-29 20:07 - 2015-02-13 20:42 - 00004807 _____ () C:\Windows\setupact.log
2015-01-29 20:07 - 2015-01-29 20:07 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-29 17:07 - 2015-01-29 17:08 - 05325208 _____ (Piriform Ltd) C:\Users\Heinz-Willi\Downloads\ccsetup502.exe
2015-01-29 14:45 - 2015-01-29 14:45 - 00000197 _____ () C:\Windows\system32\2015-01-29-13-45-29.081-AvastVBoxSVC.exe-1576.log
2015-01-29 09:36 - 2015-01-29 09:36 - 00000197 _____ () C:\Windows\system32\2015-01-29-08-36-01.063-AvastVBoxSVC.exe-2536.log
2015-01-29 01:07 - 2015-01-29 01:07 - 00000197 _____ () C:\Windows\system32\2015-01-29-00-07-05.082-AvastVBoxSVC.exe-2148.log
2015-01-28 22:34 - 2015-01-28 22:35 - 00000197 _____ () C:\Windows\system32\2015-01-28-21-34-59.061-AvastVBoxSVC.exe-2124.log
2015-01-28 13:12 - 2015-01-28 13:13 - 00000197 _____ () C:\Windows\system32\2015-01-28-12-12-55.026-AvastVBoxSVC.exe-2192.log
2015-01-28 08:21 - 2015-01-28 08:21 - 00000197 _____ () C:\Windows\system32\2015-01-28-07-21-34.087-AvastVBoxSVC.exe-2592.log
2015-01-28 01:51 - 2015-01-28 01:51 - 00000197 _____ () C:\Windows\system32\2015-01-28-00-51-30.070-AvastVBoxSVC.exe-1356.log
2015-01-27 19:47 - 2015-01-27 19:48 - 00000197 _____ () C:\Windows\system32\2015-01-27-18-47-55.084-AvastVBoxSVC.exe-1636.log
2015-01-27 16:00 - 2015-01-27 16:00 - 00000197 _____ () C:\Windows\system32\2015-01-27-15-00-42.022-AvastVBoxSVC.exe-2092.log
2015-01-27 13:03 - 2015-01-27 13:03 - 00000197 _____ () C:\Windows\system32\2015-01-27-12-03-42.002-AvastVBoxSVC.exe-2156.log
2015-01-27 10:52 - 2015-01-27 10:52 - 00000197 _____ () C:\Windows\system32\2015-01-27-09-52-19.078-AvastVBoxSVC.exe-1144.log
2015-01-27 05:46 - 2015-01-27 05:46 - 00000197 _____ () C:\Windows\system32\2015-01-27-04-46-41.029-AvastVBoxSVC.exe-2056.log
2015-01-27 04:15 - 2015-01-27 04:15 - 00000197 _____ () C:\Windows\system32\2015-01-27-03-15-39.087-AvastVBoxSVC.exe-1324.log
2015-01-26 22:26 - 2015-01-26 22:27 - 00000197 _____ () C:\Windows\system32\2015-01-26-21-26-55.049-AvastVBoxSVC.exe-2244.log
2015-01-26 20:04 - 2015-01-26 20:04 - 00000197 _____ () C:\Windows\system32\2015-01-26-19-04-11.025-AvastVBoxSVC.exe-2152.log
2015-01-26 16:29 - 2015-01-26 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-26 16:29 - 2015-01-26 16:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-26 16:28 - 2015-01-26 16:29 - 06958304 _____ (Microsoft Corporation) C:\Users\Heinz-Willi\Downloads\Silverlight.exe
2015-01-26 16:19 - 2015-01-26 16:19 - 00000197 _____ () C:\Windows\system32\2015-01-26-15-19-37.043-AvastVBoxSVC.exe-2188.log
2015-01-26 14:23 - 2015-01-26 14:23 - 00000197 _____ () C:\Windows\system32\2015-01-26-13-23-27.082-AvastVBoxSVC.exe-464.log
2015-01-26 11:57 - 2015-01-26 11:57 - 00000247 _____ () C:\Windows\system32\2015-01-26-10-57-17.041-aswFe.exe-2984.log
2015-01-26 11:53 - 2015-01-26 11:57 - 00000247 _____ () C:\Windows\system32\2015-01-26-10-53-28.059-aswFe.exe-2596.log
2015-01-26 11:53 - 2015-01-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-01-26-10-53-25.052-AvastVBoxSVC.exe-2116.log
2015-01-25 21:46 - 2015-01-25 21:46 - 00000197 _____ () C:\Windows\system32\2015-01-25-20-46-28.076-AvastVBoxSVC.exe-2248.log
2015-01-25 20:59 - 2015-01-25 20:59 - 00000197 _____ () C:\Windows\system32\2015-01-25-19-59-40.038-AvastVBoxSVC.exe-2268.log
2015-01-25 17:22 - 2015-01-25 17:22 - 00000197 _____ () C:\Windows\system32\2015-01-25-16-22-37.041-AvastVBoxSVC.exe-1976.log
2015-01-25 11:49 - 2015-01-25 11:49 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-49-26.054-AvastVBoxSVC.exe-1108.log
2015-01-25 08:26 - 2015-01-25 08:26 - 00000197 _____ () C:\Windows\system32\2015-01-25-07-26-07.049-AvastVBoxSVC.exe-2268.log
2015-01-25 05:15 - 2015-01-25 05:15 - 00000197 _____ () C:\Windows\system32\2015-01-25-04-15-17.020-AvastVBoxSVC.exe-2316.log
2015-01-24 20:21 - 2015-01-24 20:21 - 00000197 _____ () C:\Windows\system32\2015-01-24-19-21-48.009-AvastVBoxSVC.exe-1136.log
2015-01-24 18:54 - 2015-01-24 18:54 - 00000197 _____ () C:\Windows\system32\2015-01-24-17-54-14.022-AvastVBoxSVC.exe-2508.log
2015-01-24 16:50 - 2015-01-24 16:50 - 00000197 _____ () C:\Windows\system32\2015-01-24-15-50-04.027-AvastVBoxSVC.exe-2848.log
2015-01-24 13:48 - 2015-01-24 13:48 - 00000197 _____ () C:\Windows\system32\2015-01-24-12-48-16.074-AvastVBoxSVC.exe-2084.log
2015-01-24 03:47 - 2015-01-24 03:47 - 00000197 _____ () C:\Windows\system32\2015-01-24-02-47-36.009-AvastVBoxSVC.exe-2532.log
2015-01-23 22:50 - 2015-01-23 22:50 - 00000197 _____ () C:\Windows\system32\2015-01-23-21-50-02.086-AvastVBoxSVC.exe-1528.log
2015-01-23 22:26 - 2015-01-23 22:26 - 00000197 _____ () C:\Windows\system32\2015-01-23-21-26-28.025-AvastVBoxSVC.exe-348.log
2015-01-23 19:50 - 2015-01-23 19:50 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-50-19.086-AvastVBoxSVC.exe-2408.log
2015-01-23 18:14 - 2015-01-23 18:14 - 00000197 _____ () C:\Windows\system32\2015-01-23-17-14-16.023-AvastVBoxSVC.exe-3256.log
2015-01-23 16:22 - 2015-01-23 16:22 - 00000197 _____ () C:\Windows\system32\2015-01-23-15-22-26.052-AvastVBoxSVC.exe-1576.log
2015-01-23 14:14 - 2015-01-23 14:15 - 00000197 _____ () C:\Windows\system32\2015-01-23-13-14-40.022-AvastVBoxSVC.exe-3456.log
2015-01-23 11:28 - 2015-01-23 11:29 - 00000197 _____ () C:\Windows\system32\2015-01-23-10-28-54.065-AvastVBoxSVC.exe-1564.log
2015-01-23 05:06 - 2015-01-23 05:06 - 00000197 _____ () C:\Windows\system32\2015-01-23-04-06-04.073-AvastVBoxSVC.exe-2512.log
2015-01-22 19:38 - 2015-01-22 19:38 - 00000197 _____ () C:\Windows\system32\2015-01-22-18-38-28.058-AvastVBoxSVC.exe-2172.log
2015-01-22 16:38 - 2015-01-22 16:38 - 00000197 _____ () C:\Windows\system32\2015-01-22-15-38-01.045-AvastVBoxSVC.exe-1172.log
2015-01-22 14:48 - 2015-01-22 14:48 - 00000197 _____ () C:\Windows\system32\2015-01-22-13-48-37.003-AvastVBoxSVC.exe-1304.log
2015-01-22 13:17 - 2015-01-22 13:18 - 00000197 _____ () C:\Windows\system32\2015-01-22-12-17-39.029-AvastVBoxSVC.exe-1344.log
2015-01-22 05:49 - 2015-01-22 05:49 - 00000197 _____ () C:\Windows\system32\2015-01-22-04-49-41.001-AvastVBoxSVC.exe-2392.log
2015-01-21 22:04 - 2015-01-21 22:05 - 00000197 _____ () C:\Windows\system32\2015-01-21-21-04-37.090-AvastVBoxSVC.exe-2224.log
2015-01-21 17:55 - 2015-01-21 17:55 - 00000197 _____ () C:\Windows\system32\2015-01-21-16-55-23.040-AvastVBoxSVC.exe-3248.log
2015-01-21 14:02 - 2015-01-21 14:03 - 00000197 _____ () C:\Windows\system32\2015-01-21-13-02-51.040-AvastVBoxSVC.exe-2056.log
2015-01-21 11:16 - 2015-01-21 11:16 - 00000197 _____ () C:\Windows\system32\2015-01-21-10-16-09.075-AvastVBoxSVC.exe-356.log
2015-01-21 05:12 - 2015-01-21 05:12 - 00000197 _____ () C:\Windows\system32\2015-01-21-04-12-08.006-AvastVBoxSVC.exe-2076.log
2015-01-20 22:40 - 2015-01-20 22:40 - 00000197 _____ () C:\Windows\system32\2015-01-20-21-40-54.055-AvastVBoxSVC.exe-1316.log
2015-01-20 19:25 - 2015-01-20 19:26 - 00000197 _____ () C:\Windows\system32\2015-01-20-18-25-49.073-AvastVBoxSVC.exe-2332.log
2015-01-20 16:03 - 2015-01-20 16:03 - 00000197 _____ () C:\Windows\system32\2015-01-20-15-03-24.050-AvastVBoxSVC.exe-2408.log
2015-01-20 13:16 - 2015-01-20 13:17 - 00000197 _____ () C:\Windows\system32\2015-01-20-12-16-38.071-AvastVBoxSVC.exe-2084.log
2015-01-20 08:48 - 2015-01-20 08:48 - 00000197 _____ () C:\Windows\system32\2015-01-20-07-48-54.039-AvastVBoxSVC.exe-2084.log
2015-01-20 07:14 - 2015-01-20 07:14 - 00000197 _____ () C:\Windows\system32\2015-01-20-06-14-04.094-AvastVBoxSVC.exe-1528.log
2015-01-20 05:50 - 2015-01-20 05:50 - 00000197 _____ () C:\Windows\system32\2015-01-20-04-50-45.057-AvastVBoxSVC.exe-2228.log
2015-01-19 21:10 - 2015-01-19 21:11 - 00000197 _____ () C:\Windows\system32\2015-01-19-20-10-59.073-AvastVBoxSVC.exe-2152.log
2015-01-19 19:56 - 2015-01-19 19:56 - 00000197 _____ () C:\Windows\system32\2015-01-19-18-56-49.087-AvastVBoxSVC.exe-1244.log
2015-01-19 19:25 - 2015-01-19 19:25 - 00000197 _____ () C:\Windows\system32\2015-01-19-18-25-51.008-AvastVBoxSVC.exe-2516.log
2015-01-19 13:01 - 2015-01-19 13:01 - 00000197 _____ () C:\Windows\system32\2015-01-19-12-01-23.080-AvastVBoxSVC.exe-1368.log
2015-01-19 09:05 - 2015-01-19 09:05 - 00000197 _____ () C:\Windows\system32\2015-01-19-08-05-40.055-AvastVBoxSVC.exe-2192.log
2015-01-19 00:14 - 2015-01-19 00:14 - 00000197 _____ () C:\Windows\system32\2015-01-18-23-14-45.028-AvastVBoxSVC.exe-1792.log
2015-01-18 20:33 - 2015-01-18 20:34 - 00000197 _____ () C:\Windows\system32\2015-01-18-19-33-46.064-AvastVBoxSVC.exe-2432.log
2015-01-18 17:29 - 2015-01-18 17:29 - 00000197 _____ () C:\Windows\system32\2015-01-18-16-29-02.071-AvastVBoxSVC.exe-2384.log
2015-01-18 14:32 - 2015-01-18 14:32 - 00000197 _____ () C:\Windows\system32\2015-01-18-13-32-11.033-AvastVBoxSVC.exe-2336.log
2015-01-18 11:30 - 2015-01-18 11:30 - 00000197 _____ () C:\Windows\system32\2015-01-18-10-30-38.046-AvastVBoxSVC.exe-1852.log
2015-01-18 08:14 - 2015-01-18 08:14 - 00000197 _____ () C:\Windows\system32\2015-01-18-07-14-10.066-AvastVBoxSVC.exe-2904.log
2015-01-17 20:46 - 2015-01-17 20:46 - 00000247 _____ () C:\Windows\system32\2015-01-17-19-46-26.045-aswFe.exe-1068.log
2015-01-17 20:42 - 2015-01-17 20:46 - 00000247 _____ () C:\Windows\system32\2015-01-17-19-42-13.075-aswFe.exe-672.log
2015-01-17 16:38 - 2015-01-17 16:38 - 00000197 _____ () C:\Windows\system32\2015-01-17-15-38-21.056-AvastVBoxSVC.exe-2152.log
2015-01-17 15:57 - 2015-01-17 15:57 - 00000197 _____ () C:\Windows\system32\2015-01-17-14-57-41.090-AvastVBoxSVC.exe-356.log
2015-01-17 14:32 - 2015-01-17 14:33 - 00000197 _____ () C:\Windows\system32\2015-01-17-13-32-49.027-AvastVBoxSVC.exe-2784.log
2015-01-17 12:00 - 2015-01-17 12:00 - 00000197 _____ () C:\Windows\system32\2015-01-17-11-00-16.009-AvastVBoxSVC.exe-2364.log
2015-01-17 08:03 - 2015-01-17 08:03 - 00000197 _____ () C:\Windows\system32\2015-01-17-07-03-46.085-AvastVBoxSVC.exe-2076.log
2015-01-16 19:52 - 2015-01-16 19:52 - 00000197 _____ () C:\Windows\system32\2015-01-16-18-52-38.036-AvastVBoxSVC.exe-2128.log
2015-01-16 18:45 - 2015-01-16 18:45 - 00000197 _____ () C:\Windows\system32\2015-01-16-17-45-40.013-AvastVBoxSVC.exe-2488.log
2015-01-16 15:31 - 2015-01-16 15:31 - 00000197 _____ () C:\Windows\system32\2015-01-16-14-31-39.064-AvastVBoxSVC.exe-2172.log
2015-01-16 12:27 - 2015-01-16 12:27 - 00000197 _____ () C:\Windows\system32\2015-01-16-11-27-24.068-AvastVBoxSVC.exe-2052.log
2015-01-16 07:08 - 2015-01-16 07:08 - 00000197 _____ () C:\Windows\system32\2015-01-16-06-08-48.021-AvastVBoxSVC.exe-2364.log
2015-01-16 04:23 - 2015-01-16 04:23 - 00000197 _____ () C:\Windows\system32\2015-01-16-03-23-22.040-AvastVBoxSVC.exe-2296.log
2015-01-16 02:58 - 2015-01-16 02:58 - 00000197 _____ () C:\Windows\system32\2015-01-16-01-58-00.056-AvastVBoxSVC.exe-2736.log
2015-01-15 20:35 - 2015-01-15 20:35 - 00000197 _____ () C:\Windows\system32\2015-01-15-19-35-22.069-AvastVBoxSVC.exe-2644.log
2015-01-15 17:33 - 2015-01-15 17:33 - 00000197 _____ () C:\Windows\system32\2015-01-15-16-33-51.000-AvastVBoxSVC.exe-2308.log
2015-01-15 16:07 - 2015-01-15 16:07 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-07-34.060-AvastVBoxSVC.exe-2304.log
2015-01-15 12:54 - 2015-01-15 12:54 - 00000197 _____ () C:\Windows\system32\2015-01-15-11-54-48.071-AvastVBoxSVC.exe-2644.log
2015-01-15 10:03 - 2015-01-15 10:03 - 00000197 _____ () C:\Windows\system32\2015-01-15-09-03-09.029-AvastVBoxSVC.exe-2756.log
2015-01-15 08:12 - 2015-01-15 08:12 - 00000197 _____ () C:\Windows\system32\2015-01-15-07-12-54.037-AvastVBoxSVC.exe-2456.log
2015-01-15 06:16 - 2015-01-15 06:16 - 00000197 _____ () C:\Windows\system32\2015-01-15-05-16-09.043-AvastVBoxSVC.exe-2496.log
2015-01-14 23:46 - 2015-01-14 23:46 - 00000197 _____ () C:\Windows\system32\2015-01-14-22-46-03.080-AvastVBoxSVC.exe-2156.log
2015-01-14 20:15 - 2015-01-14 20:15 - 00000197 _____ () C:\Windows\system32\2015-01-14-19-15-01.044-AvastVBoxSVC.exe-2172.log
2015-01-14 17:33 - 2015-01-14 17:33 - 00000197 _____ () C:\Windows\system32\2015-01-14-16-33-06.092-AvastVBoxSVC.exe-2352.log
2015-01-14 14:24 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 14:24 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 14:24 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:24 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 14:17 - 2015-01-14 14:18 - 00000197 _____ () C:\Windows\system32\2015-01-14-13-17-48.084-AvastVBoxSVC.exe-2156.log
2015-01-14 03:56 - 2015-01-14 03:56 - 00000197 _____ () C:\Windows\system32\2015-01-14-02-56-39.069-AvastVBoxSVC.exe-2376.log
2015-01-14 01:55 - 2015-01-14 01:55 - 00000197 _____ () C:\Windows\system32\2015-01-14-00-55-31.019-AvastVBoxSVC.exe-2216.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-13 21:03 - 2014-10-01 17:39 - 00000000 ____D () C:\Users\Admin
2015-02-13 20:49 - 2014-11-12 00:26 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-02-13 20:49 - 2009-07-14 05:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-13 20:49 - 2009-07-14 05:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-13 20:45 - 2014-10-02 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-13 20:45 - 2014-10-01 17:25 - 01821852 _____ () C:\Windows\WindowsUpdate.log
2015-02-13 20:42 - 2014-10-01 21:22 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-13 20:42 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-13 02:18 - 2014-10-13 22:32 - 00000000 ___RD () C:\Users\Heinz-Willi\Documents\HP Melsbach neu
2015-02-12 23:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-12 15:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-12 12:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-11 19:54 - 2009-07-14 05:33 - 00433048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 19:52 - 2014-12-11 10:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 19:52 - 2014-10-02 12:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-02-11 18:13 - 2014-10-15 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 18:07 - 2014-10-23 14:01 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 14:12 - 2014-10-01 17:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 14:12 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2015-02-11 02:18 - 2014-10-03 22:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-09 13:28 - 2014-10-01 23:10 - 00000000 ___RD () C:\Users\Heinz-Willi\Documents\HP Melsbach
2015-02-05 20:45 - 2014-10-02 18:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 20:45 - 2014-10-02 18:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 16:06 - 2014-10-01 21:22 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 23:12 - 2014-07-20 15:28 - 00000000 ____D () C:\Users\Heinz-Willi\Desktop\Homepage Schalke
2015-01-29 17:09 - 2014-10-14 21:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-27 06:07 - 2014-10-01 17:39 - 01591896 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 02:56 - 2014-10-23 17:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 16:25 - 2014-11-05 20:55 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 16:25 - 2014-11-05 20:54 - 00000000 ____D () C:\Program Files\Java
2015-01-26 16:24 - 2014-12-04 18:01 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-26 02:54 - 2014-10-02 02:42 - 00000000 ____D () C:\Users\Heinz-Willi\AppData\Local\Microsoft Games
2015-01-24 03:45 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-19 01:01 - 2014-10-01 21:11 - 00000000 ____D () C:\Users\Heinz-Willi\Desktop\Sicherheitsprogramme
2015-01-19 00:18 - 2014-11-06 01:33 - 00000000 ____D () C:\Users\Admin\Downloads\backups
2015-01-19 00:11 - 2014-11-05 22:26 - 00000000 ____D () C:\ProgramData\ddc24aa9-6c5d-44d0-8c40-9bed83bb2ab7
2015-01-19 00:00 - 2014-11-07 17:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-18 23:59 - 2014-11-07 17:18 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-01-18 02:39 - 2014-11-02 02:18 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\50plus
2015-01-16 14:12 - 2014-11-26 23:49 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\Computer Bild
==================== Files in the root of some directories =======
2014-11-08 20:43 - 2014-11-08 20:43 - 0002212 _____ () C:\Users\Heinz-Willi\AppData\Local\recently-used.xbel
2015-02-11 02:20 - 2015-02-11 02:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Heinz-Willi\AppData\Local\Temp\jre-8u31-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2015
Ran by Heinz-Willi at 2015-02-13 21:08:26
Running from C:\Users\Heinz-Willi\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (HKLM\...\4 Elements II_is1) (Version: 1.0 - MyPlayCity, Inc.)
7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ahnenblatt 2.85 (HKLM\...\Ahnenblatt_is1) (Version: 2.85.0.1 - Dirk Böttcher)
Amazing Pyramids (HKLM\...\Amazing Pyramids_is1) (Version: 1.0 - MyPlayCity, Inc.)
Anka (HKLM\...\Anka_is1) (Version: 1.0 - MyPlayCity, Inc.)
Astro Avenger 2 (HKLM\...\Astro Avenger 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Atlantis Quest (HKLM\...\Atlantis Quest_is1) (Version: 1.0 - MyPlayCity, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bato (HKLM\...\Bato_is1) (Version: 1.0 - MyPlayCity, Inc.)
Beetle Bug 3 (HKLM\...\Beetle Bug 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Boulder Crash version 1.0 (HKLM\...\{3359B4FC-E557-451E-AB7F-982197E5454D}}_is1) (Version: 1.0 - Aleksey Taranov)
Brickshooter Egypt (HKLM\...\Brickshooter Egypt_is1) (Version: 1.0 - MyPlayCity, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Christmas Griddlers (HKLM\...\Christmas Griddlers_is1) (Version: 1.0 - MyPlayCity, Inc.)
Clutter II - He Said, She Said (HKLM\...\Clutter II - He Said, She Said_is1) (Version: 1.0 - MyPlayCity, Inc.)
Cradle of Rome (HKLM\...\Cradle of Rome_is1) (Version: 1.0 - MyPlayCity, Inc.)
EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version: - EaseUS)
Farm Frenzy - Gone Fishing (HKLM\...\Farm Frenzy - Gone Fishing_is1) (Version: 1.0 - MyPlayCity, Inc.)
Free QuizMaker 6 (HKLM\...\{2291F7F8-69DD-4B4F-B843-BA5B57999918}) (Version: 6.2.0 - iSpring Solutions Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Griddlers - Ted and PET (HKLM\...\Griddlers - Ted and PET_is1) (Version: 1.0 - MyPlayCity, Inc.)
Incredi Basketball (HKLM\...\Incredi Basketball_is1) (Version: 1.0 - MyPlayCity, Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest II (HKLM\...\Jewel Quest II_is1) (Version: 1.0 - MyPlayCity, Inc.)
Jurassic Mahjong (HKLM\...\Jurassic Mahjong_is1) (Version: 1.0 - MyPlayCity, Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Olympus Griddlers (HKLM\...\Olympus Griddlers_is1) (Version: 1.0 - MyPlayCity, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Rainbow Web 2 (HKLM\...\Rainbow Web 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Rise of Mythos (HKLM\...\Rise of Mythos_is1) (Version: 1.0 - MyPlayCity, Inc.)
Scratch 2 Offline Editor (HKLM\...\edu.media.mit.Scratch2Editor) (Version: 428 - MIT Media Lab)
Scratch 2 Offline Editor (Version: 255 - MIT Media Lab) Hidden
Season Match - Curse of the Witch Crow (HKLM\...\Season Match - Curse of the Witch Crow_is1) (Version: 1.0 - MyPlayCity, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SlimDrivers (HKLM\...\{03E312F7-8697-4BC4-A90F-33D34EECE18C}) (Version: 2.2.44488 - SlimWare Utilities, Inc.)
Snowy - Treasure Hunter 3 (HKLM\...\Snowy - Treasure Hunter 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Star Defender 4 (HKLM\...\Star Defender 4_is1) (Version: 1.0 - MyPlayCity, Inc.)
Turtix (HKLM\...\Turtix_is1) (Version: 1.0 - MyPlayCity, Inc.)
Woolies Adventure (HKLM\...\Woolies Adventure_is1) (Version: - My Real Games Ltd)
ZOODomino (HKLM\...\ZOODomino_is1) (Version: 1.0 - MyPlayCity, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\SlimDrivers Startup.job => ?
==================== Loaded Modules (whitelisted) ==============
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-02 20:36 - 2014-12-02 20:36 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-23 17:34 - 2015-01-27 02:56 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-724745677-1146776812-3954023175-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Heinz-Willi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Admin (S-1-5-21-724745677-1146776812-3954023175-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-724745677-1146776812-3954023175-500 - Administrator - Disabled)
Gast (S-1-5-21-724745677-1146776812-3954023175-501 - Limited - Disabled)
Heinz-Willi (S-1-5-21-724745677-1146776812-3954023175-1001 - Limited - Enabled) => C:\Users\Heinz-Willi
HomeGroupUser$ (S-1-5-21-724745677-1146776812-3954023175-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/11/2015 05:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (02/11/2015 02:10:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f8dd1ff7-2b51-4235-861d-7da59deb8c36}
Error: (02/07/2015 10:54:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x368
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (01/28/2015 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xe74
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Vorgang:
Für die Sicherung initialisieren
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Vorgang:
Für die Sicherung initialisieren
Error: (01/15/2015 02:04:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mspaint.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc683
Name des fehlerhaften Moduls: mspaint.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc683
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003e401
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xmspaint.exe0
Pfad der fehlerhaften Anwendung: mspaint.exe1
Pfad des fehlerhaften Moduls: mspaint.exe2
Berichtskennung: mspaint.exe3
Error: (01/12/2015 05:11:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.14.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e98
Startzeit: 01d02e825b19c5aa
Endzeit: 10
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: a10c9e87-9a75-11e4-ad99-002268670f8a
Error: (01/06/2015 05:09:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Hot-Potatoes-lnstall.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 718
Startzeit: 01d029ca97151b94
Endzeit: 33
Anwendungspfad: C:\Users\Heinz-Willi\Downloads\Hot-Potatoes-lnstall.exe
Berichts-ID: 653e1047-95be-11e4-af6b-002268670f8a
Error: (01/05/2015 00:51:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.14.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 96c
Startzeit: 01d028ddefba41db
Endzeit: 16
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: 3d650b90-94d1-11e4-941f-002268670f8a
System errors:
=============
Error: (02/13/2015 05:10:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/13/2015 02:50:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 07:52:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 06:37:46 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 06:33:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 01:50:40 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/11/2015 09:45:53 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/11/2015 05:00:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/11/2015 01:04:20 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/10/2015 00:45:12 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (02/11/2015 05:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425173801d046159ec40cf3C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll7e5ff979-b209-11e4-ad14-002268670f8a
Error: (02/11/2015 02:10:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f8dd1ff7-2b51-4235-861d-7da59deb8c36}
Error: (02/07/2015 10:54:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142536801d043173a7be1eaC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllde4328d5-af13-11e4-8cfe-002268670f8a
Error: (01/28/2015 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425e7401d03b10227870d6C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dlle5e7b1de-a703-11e4-b4b5-002268670f8a
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)0x8007045b, Der Computer wird heruntergefahren.
Vorgang:
Für die Sicherung initialisieren
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)0x8007045b, Der Computer wird heruntergefahren.
Vorgang:
Für die Sicherung initialisieren
Error: (01/15/2015 02:04:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mspaint.exe6.1.7600.163854a5bc683mspaint.exe6.1.7600.163854a5bc683c00000050003e40170c01d0305f10a9c33fC:\Windows\system32\mspaint.exeC:\Windows\system32\mspaint.exe7ea1f964-9c52-11e4-9c3d-002268670f8a
Error: (01/12/2015 05:11:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.14.0e9801d02e825b19c5aa10C:\Program Files\GIMP 2\bin\gimp-2.8.exea10c9e87-9a75-11e4-ad99-002268670f8a
Error: (01/06/2015 05:09:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hot-Potatoes-lnstall.exe0.0.0.071801d029ca97151b9433C:\Users\Heinz-Willi\Downloads\Hot-Potatoes-lnstall.exe653e1047-95be-11e4-af6b-002268670f8a
Error: (01/05/2015 00:51:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.14.096c01d028ddefba41db16C:\Program Files\GIMP 2\bin\gimp-2.8.exe3d650b90-94d1-11e4-941f-002268670f8a
CodeIntegrity Errors:
===================================
Date: 2014-10-23 14:43:25.746
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.371
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.200
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.654
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.467
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.279
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) Dual Core Processor 5050e
Percentage of memory in use: 43%
Total physical RAM: 2815.18 MB
Available physical RAM: 1580.03 MB
Total Pagefile: 5628.65 MB
Available Pagefile: 4339.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:290.78 GB) (Free:118.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Eigene Dateien) (Fixed) (Total:53.71 GB) (Free:52.22 GB) NTFS
Drive e: (Sonstige Programme) (Fixed) (Total:102.54 GB) (Free:94.66 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-13 21:36:39
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AAKS-22A7B2 rev.01.03B01 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\ffliauod.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAddBootEntry [0x8FE2EAC4]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwAllocateVirtualMemory [0x8FEEA0BA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0x8FE2F5A2]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEvent [0x8FE3B63C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEventPair [0x8FE3B688]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0x8FE3B822]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateMutant [0x8FE3B5AA]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateSection [0x8FEEA494]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateSemaphore [0x8FE3B5F2]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThread [0x8FEEA724]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThreadEx [0x8FEEA80E]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateTimer [0x8FE3B7DC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0x8FE30390]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0x8FE2EB2A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDuplicateObject [0x8FE33B86]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwLoadDriver [0x8FE2E716]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwMapViewOfSection [0x8FEEA574]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwModifyBootEntry [0x8FE2EB90]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0x8FE33F7C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0x8FE30E78]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEvent [0x8FE3B666]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEventPair [0x8FE3B6AA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0x8FE3B846]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenMutant [0x8FE3B5D0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenProcess [0x8FE3347E]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSection [0x8FE3B75A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSemaphore [0x8FE3B61A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenThread [0x8FE3386A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenTimer [0x8FE3B800]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0x8FEEA312]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryObject [0x8FE30CEC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueueApcThreadEx [0x8FE309FA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0x8FE2EBF6]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootOptions [0x8FE2EC5C]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwSetContextThread [0x8FEEA670]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemInformation [0x8FE2E7B0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0x8FE2E982]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwShutdownSystem [0x8FE2E910]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendProcess [0x8FE3055A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendThread [0x8FE306BC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSystemDebugControl [0x8FE2EA0A]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwTerminateProcess [0x8FEEA3E0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwTerminateThread [0x8FE301EA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwVdmControl [0x8FE2ECC2]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwWriteVirtualMemory [0x8FEEA244]
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRequestWaitReplyPort + 1495 82C819E5 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CBB312 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82CC2550 4 Bytes JMP C42D8FE2
.text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82CC2578 4 Bytes [BA, A0, EE, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82CC25D8 4 Bytes [A2, F5, E2, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82CC262C 8 Bytes [3C, B6, E3, 8F, 88, B6, E3, ...]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82CC2638 4 Bytes [22, B8, E3, 8F]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E7E61D 4 Bytes CALL 8FE3155F \SystemRoot\system32\drivers\aswSnx.sys
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E98483 4 Bytes CALL 8FE31575 \SystemRoot\system32\drivers\aswSnx.sys
.text C:\Windows\system32\drivers\atikmdag.sys section is writeable [0x91031000, 0x227A14, 0xE8000020]
---- User code sections - GMER 2.1 ----
.text C:\Program Files\Microsoft Office\Office14\WINWORD.EXE[304] kernel32.dll!SetUnhandledExceptionFilter 762BF5AB 5 Bytes JMP 5D3A7765 C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll
.text C:\Program Files\Microsoft Office\Office14\WINWORD.EXE[304] ole32.dll!OleLoadFromStream 77B36143 5 Bytes JMP 5E0BA10A C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1332] kernel32.dll!SetUnhandledExceptionFilter 762BF5AB 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\AVAST Software\Avast\avastui.exe[3672] kernel32.dll!SetUnhandledExceptionFilter 762BF5AB 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtCreateFile 77D85608 5 Bytes JMP 65379AE0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtFlushBuffersFile 77D85998 5 Bytes JMP 6535C434 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtQueryFullAttributesFile 77D86028 5 Bytes JMP 6535C150 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtReadFile 77D862F8 5 Bytes JMP 6535C330 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtReadFileScatter 77D86308 5 Bytes JMP 65D7F60F C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtWriteFile 77D86AA8 5 Bytes JMP 6537A9F0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!NtWriteFileGather 77D86AB8 5 Bytes JMP 65D7F5BE C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!LdrUnloadDll 77D9C8DE 5 Bytes JMP 000E03FC
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] ntdll.dll!LdrLoadDll 77DA22AE 5 Bytes JMP 6B4D1F42 C:\Program Files\Mozilla Firefox\mozglue.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] KERNEL32.dll!K32GetDeviceDriverBaseNameW + 5D 762B94E6 7 Bytes JMP 65CA4AA0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] KERNEL32.dll!QueryPerformanceCounter + 13 762BC4E5 7 Bytes JMP 65CA4AC3 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] KERNEL32.dll!LoadAppInitDlls + 355 762BF5A6 7 Bytes JMP 653763D0 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] user32.dll!GetWindowInfo 77EB4B5E 5 Bytes JMP 65B9B991 C:\Program Files\Mozilla Firefox\xul.dll
.text C:\Program Files\Mozilla Firefox\firefox.exe[3700] GDI32.dll!GetViewportOrgEx + 26C 7699884B 7 Bytes JMP 65CA4A21 C:\Program Files\Mozilla Firefox\xul.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@A8D78A47 703
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{2289287D-4987-11E4-BE0F-806E6F6E6963} 8356843696
---- EOF - GMER 2.1 ----
Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 00:14:19, on 19.01.2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\CCleaner\CCleaner.exe C:\Windows\system32\wbem\unsecapp.exe C:\Users\Admin\Downloads\hijackthis_29344.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe" "C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware " O4 - HKCU\..\Run: [EPSON BX305 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGJE.EXE /FU "C:\Windows\TEMP\E_SC754.tmp" /EF "HKCU" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- End of file - 5284 bytes |
|
13.02.2015, 22:33
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Zunehmende Verzögerung im Seitenaufbau mit Firefox Hallo und
__________________ Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
13.02.2015, 23:03
| #3 |
| | Zunehmende Verzögerung im Seitenaufbau mit Firefox Sorry, nun habe ich so achtgepasst, aber...
__________________Soll ich das ganze noch einmal vom Desktop aus machen und dann neu einreichen? Die heruntergeladenen Dateien habe ich ja noch alle. Diesen Post könnte man ja dann löschen, damit er nicht doppelt ist. Neue Logfiles habe ich keine mehr. Ich kann nur soviel sagen, dass ja avast nichts mehr gefunden hat seit dem angegeben Datum. VG |
|
14.02.2015, 00:21
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Zunehmende Verzögerung im Seitenaufbau mit Firefox Jup, dann bitte neue FRST-Logs. FRST vom Desktop mit Adminrechten starten 
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.02.2015, 00:26
| #5 |
| | Zunehmende Verzögerung im Seitenaufbau mit Firefox OK, dann lösche das hier alles raus. Thema kommt mit gleicher Überschrift dann neu, aber nicht mehr jetzt. Irgendwann am Samstag nachmittag. Danke vorab. |
|
14.02.2015, 00:53
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Zunehmende Verzögerung im Seitenaufbau mit Firefox Wieso neues Thema  Einfach die neuen Logs hier rein
__________________ --> Zunehmende Verzögerung im Seitenaufbau mit Firefox |
|
14.02.2015, 12:46
| #7 |
| | Zunehmende Verzögerung im Seitenaufbau mit Firefox So, hier nun der zweite Versuch als Admin und vom Desktop aus. Im Gegensatz zu gestern meldete sich bei FRST mein Antivirenprogramm Avast und analysierte die Datei, war aber alles in Ordnung. Sowohl gestern als auch heute brach GMER beim ersten Mal nach kurzer Zeit den Suchlauf ab und führte ihn jeweils erst beim zweiten Mal komplett durch. Den Bericht HijackThis füge ich nicht noch einmal bei, er liegt ja vor. Hier die LogFiles: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:56 on 14/02/2015 (Admin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2015
Ran by Admin (administrator) on HEINZ-WILLI-PC on 14-02-2015 11:59:41
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Heinz-Willi & Admin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2000-01-01] (Realtek Semiconductor)
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-724745677-1146776812-3954023175-1003 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w1zsoiul.default
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: www.google.de
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w1zsoiul.default\searchplugins\yahoo-avast.xml
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w1zsoiul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-01]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hp&ts=1415217038&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WMASY742023120231
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1415217038&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WMASY742023120231"
CHR DefaultSearchKeyword: Default -> sweet-page
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-01]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-01]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-01]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-01]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-01]
CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-01]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-01]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-12-02] (Avast Software)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2009-09-13] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2009-09-13] (SEIKO EPSON CORPORATION)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-02] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [11232 2015-02-14] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-12-02] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 11:59 - 2015-02-14 12:00 - 00011498 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-02-14 11:58 - 2015-02-14 11:59 - 00000280 _____ () C:\Windows\system32\2015-02-14-10-58-59.091-aswFe.exe-1364.log
2015-02-14 11:58 - 2015-02-14 11:58 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2015-02-14 11:56 - 2015-02-14 11:56 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log
2015-02-14 09:14 - 2015-02-14 09:14 - 00000197 _____ () C:\Windows\system32\2015-02-14-08-14-50.013-AvastVBoxSVC.exe-2088.log
2015-02-14 02:09 - 2015-02-14 02:09 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\My Games
2015-02-14 00:12 - 2015-02-14 00:12 - 00921654 _____ () C:\Users\Heinz-Willi\Documents\Bild6.bmp
2015-02-13 22:00 - 2015-02-13 22:00 - 00005285 _____ () C:\Users\Heinz-Willi\Desktop\HijackThis - Pruefung_19-01-15.txt
2015-02-13 21:16 - 2015-02-13 21:21 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357.exe
2015-02-13 21:10 - 2015-02-13 21:10 - 00058414 _____ () C:\Users\Heinz-Willi\Downloads\FRST-Editor.txt
2015-02-13 21:10 - 2015-02-13 21:10 - 00025376 _____ () C:\Users\Heinz-Willi\Downloads\Addition-Editor.txt
2015-02-13 21:07 - 2015-02-14 11:59 - 00000000 ____D () C:\FRST
2015-02-13 21:06 - 2015-02-14 11:58 - 01125888 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2015-02-13 21:05 - 2015-02-13 21:05 - 00050477 _____ () C:\Users\Heinz-Willi\Downloads\Defogger(1).exe
2015-02-13 21:03 - 2015-02-13 21:04 - 00000472 _____ () C:\Users\Heinz-Willi\Desktop\defogger_disable.log
2015-02-13 21:03 - 2015-02-13 21:03 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-02-13 21:01 - 2015-02-13 21:01 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Adobe
2015-02-13 20:43 - 2015-02-13 20:43 - 00000197 _____ () C:\Windows\system32\2015-02-13-19-43-00.060-AvastVBoxSVC.exe-2128.log
2015-02-13 16:41 - 2015-02-13 16:41 - 00000197 _____ () C:\Windows\system32\2015-02-13-15-41-33.018-AvastVBoxSVC.exe-2456.log
2015-02-13 14:28 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 14:28 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 14:23 - 2015-02-13 14:23 - 00000197 _____ () C:\Windows\system32\2015-02-13-13-23-38.053-AvastVBoxSVC.exe-2512.log
2015-02-12 21:50 - 2015-02-12 21:51 - 00000197 _____ () C:\Windows\system32\2015-02-12-20-50-56.080-AvastVBoxSVC.exe-2196.log
2015-02-12 18:35 - 2015-02-12 18:35 - 00000197 _____ () C:\Windows\system32\2015-02-12-17-35-02.049-AvastVBoxSVC.exe-3348.log
2015-02-12 14:21 - 2015-02-12 14:21 - 00000197 _____ () C:\Windows\system32\2015-02-12-13-21-21.046-AvastVBoxSVC.exe-2076.log
2015-02-12 11:23 - 2015-02-12 11:23 - 00000197 _____ () C:\Windows\system32\2015-02-12-10-23-21.090-AvastVBoxSVC.exe-2116.log
2015-02-12 10:59 - 2015-02-12 10:59 - 00000197 _____ () C:\Windows\system32\2015-02-12-09-59-23.031-AvastVBoxSVC.exe-2904.log
2015-02-12 00:37 - 2015-02-12 00:37 - 00000197 _____ () C:\Windows\system32\2015-02-11-23-37-12.070-AvastVBoxSVC.exe-2088.log
2015-02-11 22:19 - 2015-02-11 22:19 - 00011856 _____ () C:\Users\Heinz-Willi\Downloads\artmedic_wissensquiz.zip
2015-02-11 21:19 - 2015-02-11 21:19 - 00000197 _____ () C:\Windows\system32\2015-02-11-20-19-02.014-AvastVBoxSVC.exe-2428.log
2015-02-11 19:55 - 2015-02-11 19:55 - 00000197 _____ () C:\Windows\system32\2015-02-11-18-55-12.077-AvastVBoxSVC.exe-2124.log
2015-02-11 15:54 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 15:53 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 15:53 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 15:53 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 15:53 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 15:53 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 15:53 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 15:53 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 15:53 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 15:53 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 15:53 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 15:53 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 15:53 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 15:53 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 15:53 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:53 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 15:53 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 15:52 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 15:52 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:52 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 15:52 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 15:52 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 15:52 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:52 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 15:52 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 15:52 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:52 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:52 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 15:52 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 15:52 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 15:52 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 15:52 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 15:52 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:52 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:52 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 15:52 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:52 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 15:52 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 15:52 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 15:52 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 15:52 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 15:52 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 15:52 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:52 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 15:52 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 15:52 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 15:52 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 15:51 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:51 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:51 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:49 - 2015-02-11 15:49 - 00000197 _____ () C:\Windows\system32\2015-02-11-14-49-02.070-AvastVBoxSVC.exe-2108.log
2015-02-11 14:10 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:10 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:10 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 11:54 - 2015-02-11 11:54 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-54-39.085-AvastVBoxSVC.exe-2056.log
2015-02-11 02:25 - 2015-02-11 02:25 - 00000197 _____ () C:\Windows\system32\2015-02-11-01-25-14.050-AvastVBoxSVC.exe-2652.log
2015-02-11 02:20 - 2015-02-11 02:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-11 02:20 - 2015-02-11 02:20 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-02-11 02:19 - 2000-01-01 01:00 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-02-11 02:19 - 2000-01-01 01:00 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-02-11 02:19 - 2000-01-01 01:00 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-02-11 02:19 - 2000-01-01 01:00 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-02-11 02:19 - 2000-01-01 01:00 - 01823320 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-02-11 02:19 - 2000-01-01 01:00 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00966904 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00948336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00818936 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00606968 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00219896 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-02-11 02:18 - 2015-02-11 02:20 - 00000000 ___HD () C:\Program Files\Temp
2015-02-11 02:18 - 2015-02-11 02:18 - 00000000 ____D () C:\Program Files\Realtek
2015-02-11 02:18 - 2000-01-01 01:00 - 06177624 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01940056 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01490264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00966744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00274264 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00221528 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2015-02-11 02:11 - 2015-02-11 02:11 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-02-11 02:08 - 2015-02-14 11:51 - 00011232 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-02-11 02:08 - 2015-02-14 11:51 - 00000386 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-02-11 02:08 - 2015-02-11 02:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-02-11 02:08 - 2015-02-11 02:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\SlimWare Utilities Inc
2015-02-11 02:07 - 2015-02-11 02:07 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Heinz-Willi\Downloads\slimdrivers-setup.exe
2015-02-11 02:03 - 2015-02-11 02:05 - 26012864 _____ () C:\Users\Heinz-Willi\Downloads\GoogleEarthProWin.exe
2015-02-10 22:44 - 2015-02-10 22:44 - 00000197 _____ () C:\Windows\system32\2015-02-10-21-44-52.058-AvastVBoxSVC.exe-2596.log
2015-02-10 18:48 - 2015-02-10 18:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-48-01.028-AvastVBoxSVC.exe-2288.log
2015-02-10 16:12 - 2015-02-10 16:12 - 00000197 _____ () C:\Windows\system32\2015-02-10-15-12-34.022-AvastVBoxSVC.exe-2088.log
2015-02-10 11:02 - 2015-02-10 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-10-10-02-32.012-AvastVBoxSVC.exe-2152.log
2015-02-09 23:30 - 2015-02-09 23:31 - 00000197 _____ () C:\Windows\system32\2015-02-09-22-30-23.042-AvastVBoxSVC.exe-2476.log
2015-02-09 20:29 - 2015-02-09 20:29 - 00000197 _____ () C:\Windows\system32\2015-02-09-19-29-35.048-AvastVBoxSVC.exe-2684.log
2015-02-09 19:28 - 2015-02-09 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-09-18-28-52.046-AvastVBoxSVC.exe-2752.log
2015-02-09 12:00 - 2015-02-09 12:00 - 00000197 _____ () C:\Windows\system32\2015-02-09-11-00-11.092-AvastVBoxSVC.exe-2244.log
2015-02-08 18:56 - 2015-02-08 18:56 - 00000197 _____ () C:\Windows\system32\2015-02-08-17-56-04.058-AvastVBoxSVC.exe-2224.log
2015-02-08 00:45 - 2015-02-08 00:45 - 00000197 _____ () C:\Windows\system32\2015-02-07-23-45-39.008-AvastVBoxSVC.exe-2128.log
2015-02-07 21:46 - 2015-02-07 21:46 - 00000197 _____ () C:\Windows\system32\2015-02-07-20-46-27.068-AvastVBoxSVC.exe-2532.log
2015-02-07 17:06 - 2015-02-07 17:06 - 00000197 _____ () C:\Windows\system32\2015-02-07-16-06-02.080-AvastVBoxSVC.exe-3008.log
2015-02-07 15:45 - 2015-02-07 15:45 - 00000197 _____ () C:\Windows\system32\2015-02-07-14-45-38.065-AvastVBoxSVC.exe-3964.log
2015-02-07 12:11 - 2015-02-07 12:12 - 00000197 _____ () C:\Windows\system32\2015-02-07-11-11-59.093-AvastVBoxSVC.exe-1776.log
2015-02-07 06:00 - 2015-02-07 06:00 - 00000197 _____ () C:\Windows\system32\2015-02-07-05-00-20.040-AvastVBoxSVC.exe-2084.log
2015-02-07 03:25 - 2015-02-07 03:26 - 00000197 _____ () C:\Windows\system32\2015-02-07-02-25-54.086-AvastVBoxSVC.exe-1192.log
2015-02-06 23:20 - 2015-02-06 23:21 - 00000197 _____ () C:\Windows\system32\2015-02-06-22-20-57.083-AvastVBoxSVC.exe-1236.log
2015-02-06 19:18 - 2015-02-06 19:19 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-18-59.064-AvastVBoxSVC.exe-2624.log
2015-02-06 17:00 - 2015-02-06 17:00 - 00000197 _____ () C:\Windows\system32\2015-02-06-16-00-39.077-AvastVBoxSVC.exe-2216.log
2015-02-06 11:16 - 2015-02-06 11:16 - 00000197 _____ () C:\Windows\system32\2015-02-06-10-16-52.000-AvastVBoxSVC.exe-2064.log
2015-02-05 19:04 - 2015-02-05 19:04 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-04-03.080-AvastVBoxSVC.exe-2172.log
2015-02-05 16:02 - 2015-02-05 16:02 - 00000197 _____ () C:\Windows\system32\2015-02-05-15-02-06.084-AvastVBoxSVC.exe-2156.log
2015-02-05 01:57 - 2015-02-05 01:57 - 00000197 _____ () C:\Windows\system32\2015-02-05-00-57-05.041-AvastVBoxSVC.exe-2256.log
2015-02-04 23:06 - 2015-02-04 23:06 - 00000197 _____ () C:\Windows\system32\2015-02-04-22-06-41.043-AvastVBoxSVC.exe-2188.log
2015-02-04 19:45 - 2015-02-04 19:45 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-45-36.057-AvastVBoxSVC.exe-2188.log
2015-02-04 17:33 - 2015-02-04 17:34 - 00000197 _____ () C:\Windows\system32\2015-02-04-16-33-52.045-AvastVBoxSVC.exe-2248.log
2015-02-04 04:15 - 2015-02-04 04:15 - 00000197 _____ () C:\Windows\system32\2015-02-04-03-15-30.000-AvastVBoxSVC.exe-2164.log
2015-02-03 18:22 - 2015-02-03 18:22 - 00000197 _____ () C:\Windows\system32\2015-02-03-17-22-52.088-AvastVBoxSVC.exe-2124.log
2015-02-03 16:06 - 2015-02-03 16:06 - 00000197 _____ () C:\Windows\system32\2015-02-03-15-06-04.054-AvastVBoxSVC.exe-2456.log
2015-02-03 12:21 - 2015-02-03 12:22 - 00000197 _____ () C:\Windows\system32\2015-02-03-11-21-23.021-AvastVBoxSVC.exe-1368.log
2015-02-03 00:32 - 2015-02-03 00:32 - 00000197 _____ () C:\Windows\system32\2015-02-02-23-32-38.035-AvastVBoxSVC.exe-1284.log
2015-02-02 21:35 - 2015-02-02 21:36 - 00000197 _____ () C:\Windows\system32\2015-02-02-20-35-31.055-AvastVBoxSVC.exe-2272.log
2015-02-02 17:01 - 2015-02-02 17:01 - 00000197 _____ () C:\Windows\system32\2015-02-02-16-01-45.075-AvastVBoxSVC.exe-2124.log
2015-02-01 23:52 - 2015-02-01 23:52 - 00000197 _____ () C:\Windows\system32\2015-02-01-22-52-42.025-AvastVBoxSVC.exe-2348.log
2015-02-01 18:22 - 2015-02-01 18:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-22-12.012-AvastVBoxSVC.exe-2612.log
2015-02-01 13:43 - 2015-02-01 13:44 - 00000197 _____ () C:\Windows\system32\2015-02-01-12-43-31.060-AvastVBoxSVC.exe-2272.log
2015-02-01 04:08 - 2015-02-01 04:08 - 00000197 _____ () C:\Windows\system32\2015-02-01-03-08-32.065-AvastVBoxSVC.exe-2196.log
2015-01-31 21:40 - 2015-01-31 21:40 - 00000247 _____ () C:\Windows\system32\2015-01-31-20-40-48.099-aswFe.exe-668.log
2015-01-31 21:35 - 2015-01-31 21:40 - 00000247 _____ () C:\Windows\system32\2015-01-31-20-35-54.040-aswFe.exe-1852.log
2015-01-31 21:35 - 2015-01-31 21:35 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-35-51.005-AvastVBoxSVC.exe-3968.log
2015-01-31 16:05 - 2015-01-31 16:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-15-05-54.017-AvastVBoxSVC.exe-2384.log
2015-01-31 16:02 - 2015-01-31 16:02 - 00777920 _____ (Aff) C:\Users\Heinz-Willi\Downloads\FlvPlayerSetup.exe
2015-01-31 15:54 - 2015-01-31 15:54 - 00808512 _____ (CoinisRS) C:\Users\Heinz-Willi\Downloads\adobe_flash_setup.exe
2015-01-31 15:54 - 2015-01-31 15:54 - 00808512 _____ (CoinisRS) C:\Users\Heinz-Willi\Downloads\adobe_flash_setup(1).exe
2015-01-31 13:39 - 2015-01-31 13:39 - 00000197 _____ () C:\Windows\system32\2015-01-31-12-39-22.048-AvastVBoxSVC.exe-2212.log
2015-01-31 11:56 - 2015-01-31 11:56 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-56-04.067-AvastVBoxSVC.exe-2588.log
2015-01-31 04:12 - 2015-01-31 04:12 - 00000197 _____ () C:\Windows\system32\2015-01-31-03-12-46.022-AvastVBoxSVC.exe-2216.log
2015-01-30 23:20 - 2015-01-30 23:20 - 00000197 _____ () C:\Windows\system32\2015-01-30-22-20-07.012-AvastVBoxSVC.exe-2088.log
2015-01-30 22:33 - 2015-01-30 22:33 - 00000197 _____ () C:\Windows\system32\2015-01-30-21-33-04.032-AvastVBoxSVC.exe-1216.log
2015-01-30 17:29 - 2015-01-30 17:30 - 00000197 _____ () C:\Windows\system32\2015-01-30-16-29-52.017-AvastVBoxSVC.exe-2508.log
2015-01-30 15:36 - 2015-01-30 15:36 - 00000197 _____ () C:\Windows\system32\2015-01-30-14-36-58.096-AvastVBoxSVC.exe-2112.log
2015-01-30 09:25 - 2015-01-30 09:25 - 00000197 _____ () C:\Windows\system32\2015-01-30-08-25-38.049-AvastVBoxSVC.exe-2912.log
2015-01-30 06:43 - 2015-01-30 06:43 - 00000197 _____ () C:\Windows\system32\2015-01-30-05-43-11.006-AvastVBoxSVC.exe-2356.log
2015-01-29 21:30 - 2015-01-29 21:30 - 00000197 _____ () C:\Windows\system32\2015-01-29-20-30-09.097-AvastVBoxSVC.exe-2664.log
2015-01-29 20:07 - 2015-02-14 11:49 - 00004975 _____ () C:\Windows\setupact.log
2015-01-29 20:07 - 2015-01-29 20:07 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-29 17:07 - 2015-01-29 17:08 - 05325208 _____ (Piriform Ltd) C:\Users\Heinz-Willi\Downloads\ccsetup502.exe
2015-01-29 14:45 - 2015-01-29 14:45 - 00000197 _____ () C:\Windows\system32\2015-01-29-13-45-29.081-AvastVBoxSVC.exe-1576.log
2015-01-29 09:36 - 2015-01-29 09:36 - 00000197 _____ () C:\Windows\system32\2015-01-29-08-36-01.063-AvastVBoxSVC.exe-2536.log
2015-01-29 01:07 - 2015-01-29 01:07 - 00000197 _____ () C:\Windows\system32\2015-01-29-00-07-05.082-AvastVBoxSVC.exe-2148.log
2015-01-28 22:34 - 2015-01-28 22:35 - 00000197 _____ () C:\Windows\system32\2015-01-28-21-34-59.061-AvastVBoxSVC.exe-2124.log
2015-01-28 13:12 - 2015-01-28 13:13 - 00000197 _____ () C:\Windows\system32\2015-01-28-12-12-55.026-AvastVBoxSVC.exe-2192.log
2015-01-28 08:21 - 2015-01-28 08:21 - 00000197 _____ () C:\Windows\system32\2015-01-28-07-21-34.087-AvastVBoxSVC.exe-2592.log
2015-01-28 01:51 - 2015-01-28 01:51 - 00000197 _____ () C:\Windows\system32\2015-01-28-00-51-30.070-AvastVBoxSVC.exe-1356.log
2015-01-27 19:47 - 2015-01-27 19:48 - 00000197 _____ () C:\Windows\system32\2015-01-27-18-47-55.084-AvastVBoxSVC.exe-1636.log
2015-01-27 16:00 - 2015-01-27 16:00 - 00000197 _____ () C:\Windows\system32\2015-01-27-15-00-42.022-AvastVBoxSVC.exe-2092.log
2015-01-27 13:03 - 2015-01-27 13:03 - 00000197 _____ () C:\Windows\system32\2015-01-27-12-03-42.002-AvastVBoxSVC.exe-2156.log
2015-01-27 10:52 - 2015-01-27 10:52 - 00000197 _____ () C:\Windows\system32\2015-01-27-09-52-19.078-AvastVBoxSVC.exe-1144.log
2015-01-27 05:46 - 2015-01-27 05:46 - 00000197 _____ () C:\Windows\system32\2015-01-27-04-46-41.029-AvastVBoxSVC.exe-2056.log
2015-01-27 04:15 - 2015-01-27 04:15 - 00000197 _____ () C:\Windows\system32\2015-01-27-03-15-39.087-AvastVBoxSVC.exe-1324.log
2015-01-26 22:26 - 2015-01-26 22:27 - 00000197 _____ () C:\Windows\system32\2015-01-26-21-26-55.049-AvastVBoxSVC.exe-2244.log
2015-01-26 20:04 - 2015-01-26 20:04 - 00000197 _____ () C:\Windows\system32\2015-01-26-19-04-11.025-AvastVBoxSVC.exe-2152.log
2015-01-26 16:29 - 2015-01-26 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-26 16:29 - 2015-01-26 16:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-26 16:28 - 2015-01-26 16:29 - 06958304 _____ (Microsoft Corporation) C:\Users\Heinz-Willi\Downloads\Silverlight.exe
2015-01-26 16:19 - 2015-01-26 16:19 - 00000197 _____ () C:\Windows\system32\2015-01-26-15-19-37.043-AvastVBoxSVC.exe-2188.log
2015-01-26 14:23 - 2015-01-26 14:23 - 00000197 _____ () C:\Windows\system32\2015-01-26-13-23-27.082-AvastVBoxSVC.exe-464.log
2015-01-26 11:57 - 2015-01-26 11:57 - 00000247 _____ () C:\Windows\system32\2015-01-26-10-57-17.041-aswFe.exe-2984.log
2015-01-26 11:53 - 2015-01-26 11:57 - 00000247 _____ () C:\Windows\system32\2015-01-26-10-53-28.059-aswFe.exe-2596.log
2015-01-26 11:53 - 2015-01-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-01-26-10-53-25.052-AvastVBoxSVC.exe-2116.log
2015-01-25 21:46 - 2015-01-25 21:46 - 00000197 _____ () C:\Windows\system32\2015-01-25-20-46-28.076-AvastVBoxSVC.exe-2248.log
2015-01-25 20:59 - 2015-01-25 20:59 - 00000197 _____ () C:\Windows\system32\2015-01-25-19-59-40.038-AvastVBoxSVC.exe-2268.log
2015-01-25 17:22 - 2015-01-25 17:22 - 00000197 _____ () C:\Windows\system32\2015-01-25-16-22-37.041-AvastVBoxSVC.exe-1976.log
2015-01-25 11:49 - 2015-01-25 11:49 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-49-26.054-AvastVBoxSVC.exe-1108.log
2015-01-25 08:26 - 2015-01-25 08:26 - 00000197 _____ () C:\Windows\system32\2015-01-25-07-26-07.049-AvastVBoxSVC.exe-2268.log
2015-01-25 05:15 - 2015-01-25 05:15 - 00000197 _____ () C:\Windows\system32\2015-01-25-04-15-17.020-AvastVBoxSVC.exe-2316.log
2015-01-24 20:21 - 2015-01-24 20:21 - 00000197 _____ () C:\Windows\system32\2015-01-24-19-21-48.009-AvastVBoxSVC.exe-1136.log
2015-01-24 18:54 - 2015-01-24 18:54 - 00000197 _____ () C:\Windows\system32\2015-01-24-17-54-14.022-AvastVBoxSVC.exe-2508.log
2015-01-24 16:50 - 2015-01-24 16:50 - 00000197 _____ () C:\Windows\system32\2015-01-24-15-50-04.027-AvastVBoxSVC.exe-2848.log
2015-01-24 13:48 - 2015-01-24 13:48 - 00000197 _____ () C:\Windows\system32\2015-01-24-12-48-16.074-AvastVBoxSVC.exe-2084.log
2015-01-24 03:47 - 2015-01-24 03:47 - 00000197 _____ () C:\Windows\system32\2015-01-24-02-47-36.009-AvastVBoxSVC.exe-2532.log
2015-01-23 22:50 - 2015-01-23 22:50 - 00000197 _____ () C:\Windows\system32\2015-01-23-21-50-02.086-AvastVBoxSVC.exe-1528.log
2015-01-23 22:26 - 2015-01-23 22:26 - 00000197 _____ () C:\Windows\system32\2015-01-23-21-26-28.025-AvastVBoxSVC.exe-348.log
2015-01-23 19:50 - 2015-01-23 19:50 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-50-19.086-AvastVBoxSVC.exe-2408.log
2015-01-23 18:14 - 2015-01-23 18:14 - 00000197 _____ () C:\Windows\system32\2015-01-23-17-14-16.023-AvastVBoxSVC.exe-3256.log
2015-01-23 16:22 - 2015-01-23 16:22 - 00000197 _____ () C:\Windows\system32\2015-01-23-15-22-26.052-AvastVBoxSVC.exe-1576.log
2015-01-23 14:14 - 2015-01-23 14:15 - 00000197 _____ () C:\Windows\system32\2015-01-23-13-14-40.022-AvastVBoxSVC.exe-3456.log
2015-01-23 11:28 - 2015-01-23 11:29 - 00000197 _____ () C:\Windows\system32\2015-01-23-10-28-54.065-AvastVBoxSVC.exe-1564.log
2015-01-23 05:06 - 2015-01-23 05:06 - 00000197 _____ () C:\Windows\system32\2015-01-23-04-06-04.073-AvastVBoxSVC.exe-2512.log
2015-01-22 19:38 - 2015-01-22 19:38 - 00000197 _____ () C:\Windows\system32\2015-01-22-18-38-28.058-AvastVBoxSVC.exe-2172.log
2015-01-22 16:38 - 2015-01-22 16:38 - 00000197 _____ () C:\Windows\system32\2015-01-22-15-38-01.045-AvastVBoxSVC.exe-1172.log
2015-01-22 14:48 - 2015-01-22 14:48 - 00000197 _____ () C:\Windows\system32\2015-01-22-13-48-37.003-AvastVBoxSVC.exe-1304.log
2015-01-22 13:17 - 2015-01-22 13:18 - 00000197 _____ () C:\Windows\system32\2015-01-22-12-17-39.029-AvastVBoxSVC.exe-1344.log
2015-01-22 05:49 - 2015-01-22 05:49 - 00000197 _____ () C:\Windows\system32\2015-01-22-04-49-41.001-AvastVBoxSVC.exe-2392.log
2015-01-21 22:04 - 2015-01-21 22:05 - 00000197 _____ () C:\Windows\system32\2015-01-21-21-04-37.090-AvastVBoxSVC.exe-2224.log
2015-01-21 17:55 - 2015-01-21 17:55 - 00000197 _____ () C:\Windows\system32\2015-01-21-16-55-23.040-AvastVBoxSVC.exe-3248.log
2015-01-21 14:02 - 2015-01-21 14:03 - 00000197 _____ () C:\Windows\system32\2015-01-21-13-02-51.040-AvastVBoxSVC.exe-2056.log
2015-01-21 11:16 - 2015-01-21 11:16 - 00000197 _____ () C:\Windows\system32\2015-01-21-10-16-09.075-AvastVBoxSVC.exe-356.log
2015-01-21 05:12 - 2015-01-21 05:12 - 00000197 _____ () C:\Windows\system32\2015-01-21-04-12-08.006-AvastVBoxSVC.exe-2076.log
2015-01-20 22:40 - 2015-01-20 22:40 - 00000197 _____ () C:\Windows\system32\2015-01-20-21-40-54.055-AvastVBoxSVC.exe-1316.log
2015-01-20 19:25 - 2015-01-20 19:26 - 00000197 _____ () C:\Windows\system32\2015-01-20-18-25-49.073-AvastVBoxSVC.exe-2332.log
2015-01-20 16:03 - 2015-01-20 16:03 - 00000197 _____ () C:\Windows\system32\2015-01-20-15-03-24.050-AvastVBoxSVC.exe-2408.log
2015-01-20 13:16 - 2015-01-20 13:17 - 00000197 _____ () C:\Windows\system32\2015-01-20-12-16-38.071-AvastVBoxSVC.exe-2084.log
2015-01-20 08:48 - 2015-01-20 08:48 - 00000197 _____ () C:\Windows\system32\2015-01-20-07-48-54.039-AvastVBoxSVC.exe-2084.log
2015-01-20 07:14 - 2015-01-20 07:14 - 00000197 _____ () C:\Windows\system32\2015-01-20-06-14-04.094-AvastVBoxSVC.exe-1528.log
2015-01-20 05:50 - 2015-01-20 05:50 - 00000197 _____ () C:\Windows\system32\2015-01-20-04-50-45.057-AvastVBoxSVC.exe-2228.log
2015-01-19 21:10 - 2015-01-19 21:11 - 00000197 _____ () C:\Windows\system32\2015-01-19-20-10-59.073-AvastVBoxSVC.exe-2152.log
2015-01-19 19:56 - 2015-01-19 19:56 - 00000197 _____ () C:\Windows\system32\2015-01-19-18-56-49.087-AvastVBoxSVC.exe-1244.log
2015-01-19 19:25 - 2015-01-19 19:25 - 00000197 _____ () C:\Windows\system32\2015-01-19-18-25-51.008-AvastVBoxSVC.exe-2516.log
2015-01-19 13:01 - 2015-01-19 13:01 - 00000197 _____ () C:\Windows\system32\2015-01-19-12-01-23.080-AvastVBoxSVC.exe-1368.log
2015-01-19 09:05 - 2015-01-19 09:05 - 00000197 _____ () C:\Windows\system32\2015-01-19-08-05-40.055-AvastVBoxSVC.exe-2192.log
2015-01-19 00:14 - 2015-01-19 00:14 - 00000197 _____ () C:\Windows\system32\2015-01-18-23-14-45.028-AvastVBoxSVC.exe-1792.log
2015-01-18 20:33 - 2015-01-18 20:34 - 00000197 _____ () C:\Windows\system32\2015-01-18-19-33-46.064-AvastVBoxSVC.exe-2432.log
2015-01-18 17:29 - 2015-01-18 17:29 - 00000197 _____ () C:\Windows\system32\2015-01-18-16-29-02.071-AvastVBoxSVC.exe-2384.log
2015-01-18 14:32 - 2015-01-18 14:32 - 00000197 _____ () C:\Windows\system32\2015-01-18-13-32-11.033-AvastVBoxSVC.exe-2336.log
2015-01-18 11:30 - 2015-01-18 11:30 - 00000197 _____ () C:\Windows\system32\2015-01-18-10-30-38.046-AvastVBoxSVC.exe-1852.log
2015-01-18 08:14 - 2015-01-18 08:14 - 00000197 _____ () C:\Windows\system32\2015-01-18-07-14-10.066-AvastVBoxSVC.exe-2904.log
2015-01-17 20:46 - 2015-01-17 20:46 - 00000247 _____ () C:\Windows\system32\2015-01-17-19-46-26.045-aswFe.exe-1068.log
2015-01-17 20:42 - 2015-01-17 20:46 - 00000247 _____ () C:\Windows\system32\2015-01-17-19-42-13.075-aswFe.exe-672.log
2015-01-17 16:38 - 2015-01-17 16:38 - 00000197 _____ () C:\Windows\system32\2015-01-17-15-38-21.056-AvastVBoxSVC.exe-2152.log
2015-01-17 15:57 - 2015-01-17 15:57 - 00000197 _____ () C:\Windows\system32\2015-01-17-14-57-41.090-AvastVBoxSVC.exe-356.log
2015-01-17 14:32 - 2015-01-17 14:33 - 00000197 _____ () C:\Windows\system32\2015-01-17-13-32-49.027-AvastVBoxSVC.exe-2784.log
2015-01-17 12:00 - 2015-01-17 12:00 - 00000197 _____ () C:\Windows\system32\2015-01-17-11-00-16.009-AvastVBoxSVC.exe-2364.log
2015-01-17 08:03 - 2015-01-17 08:03 - 00000197 _____ () C:\Windows\system32\2015-01-17-07-03-46.085-AvastVBoxSVC.exe-2076.log
2015-01-16 19:52 - 2015-01-16 19:52 - 00000197 _____ () C:\Windows\system32\2015-01-16-18-52-38.036-AvastVBoxSVC.exe-2128.log
2015-01-16 18:45 - 2015-01-16 18:45 - 00000197 _____ () C:\Windows\system32\2015-01-16-17-45-40.013-AvastVBoxSVC.exe-2488.log
2015-01-16 15:31 - 2015-01-16 15:31 - 00000197 _____ () C:\Windows\system32\2015-01-16-14-31-39.064-AvastVBoxSVC.exe-2172.log
2015-01-16 12:27 - 2015-01-16 12:27 - 00000197 _____ () C:\Windows\system32\2015-01-16-11-27-24.068-AvastVBoxSVC.exe-2052.log
2015-01-16 07:08 - 2015-01-16 07:08 - 00000197 _____ () C:\Windows\system32\2015-01-16-06-08-48.021-AvastVBoxSVC.exe-2364.log
2015-01-16 04:23 - 2015-01-16 04:23 - 00000197 _____ () C:\Windows\system32\2015-01-16-03-23-22.040-AvastVBoxSVC.exe-2296.log
2015-01-16 02:58 - 2015-01-16 02:58 - 00000197 _____ () C:\Windows\system32\2015-01-16-01-58-00.056-AvastVBoxSVC.exe-2736.log
2015-01-15 20:35 - 2015-01-15 20:35 - 00000197 _____ () C:\Windows\system32\2015-01-15-19-35-22.069-AvastVBoxSVC.exe-2644.log
2015-01-15 17:33 - 2015-01-15 17:33 - 00000197 _____ () C:\Windows\system32\2015-01-15-16-33-51.000-AvastVBoxSVC.exe-2308.log
2015-01-15 16:07 - 2015-01-15 16:07 - 00000197 _____ () C:\Windows\system32\2015-01-15-15-07-34.060-AvastVBoxSVC.exe-2304.log
2015-01-15 12:54 - 2015-01-15 12:54 - 00000197 _____ () C:\Windows\system32\2015-01-15-11-54-48.071-AvastVBoxSVC.exe-2644.log
2015-01-15 10:03 - 2015-01-15 10:03 - 00000197 _____ () C:\Windows\system32\2015-01-15-09-03-09.029-AvastVBoxSVC.exe-2756.log
2015-01-15 08:12 - 2015-01-15 08:12 - 00000197 _____ () C:\Windows\system32\2015-01-15-07-12-54.037-AvastVBoxSVC.exe-2456.log
2015-01-15 06:16 - 2015-01-15 06:16 - 00000197 _____ () C:\Windows\system32\2015-01-15-05-16-09.043-AvastVBoxSVC.exe-2496.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-14 11:56 - 2009-07-14 05:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-14 11:56 - 2009-07-14 05:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 11:53 - 2014-10-01 17:25 - 01882453 _____ () C:\Windows\WindowsUpdate.log
2015-02-14 11:51 - 2014-10-01 21:22 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-14 11:49 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-14 09:45 - 2014-10-02 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-14 01:52 - 2014-10-01 17:37 - 00000000 ____D () C:\Users\Heinz-Willi
2015-02-14 00:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-13 21:03 - 2014-10-01 17:39 - 00000000 ____D () C:\Users\Admin
2015-02-13 20:49 - 2014-11-12 00:26 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-02-13 02:18 - 2014-10-13 22:32 - 00000000 ___RD () C:\Users\Heinz-Willi\Documents\HP Melsbach neu
2015-02-12 15:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-12 12:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-11 19:54 - 2009-07-14 05:33 - 00433048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 19:52 - 2014-12-11 10:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 19:52 - 2014-10-02 12:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-02-11 18:13 - 2014-10-15 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 18:07 - 2014-10-23 14:01 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 14:12 - 2014-10-01 17:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 14:12 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2015-02-11 02:18 - 2014-10-03 22:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-09 13:28 - 2014-10-01 23:10 - 00000000 ___RD () C:\Users\Heinz-Willi\Documents\HP Melsbach
2015-02-05 20:45 - 2014-10-02 18:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 20:45 - 2014-10-02 18:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 16:06 - 2014-10-01 21:22 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 23:12 - 2014-07-20 15:28 - 00000000 ____D () C:\Users\Heinz-Willi\Desktop\Homepage Schalke
2015-01-29 17:09 - 2014-10-14 21:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-27 06:07 - 2014-10-01 17:39 - 01591896 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 02:56 - 2014-10-23 17:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 16:25 - 2014-11-05 20:55 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 16:25 - 2014-11-05 20:54 - 00000000 ____D () C:\Program Files\Java
2015-01-26 16:24 - 2014-12-04 18:01 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-26 02:54 - 2014-10-02 02:42 - 00000000 ____D () C:\Users\Heinz-Willi\AppData\Local\Microsoft Games
2015-01-24 03:45 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-19 01:01 - 2014-10-01 21:11 - 00000000 ____D () C:\Users\Heinz-Willi\Desktop\Sicherheitsprogramme
2015-01-19 00:18 - 2014-11-06 01:33 - 00000000 ____D () C:\Users\Admin\Downloads\backups
2015-01-19 00:11 - 2014-11-05 22:26 - 00000000 ____D () C:\ProgramData\ddc24aa9-6c5d-44d0-8c40-9bed83bb2ab7
2015-01-19 00:00 - 2014-11-07 17:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-18 23:59 - 2014-11-07 17:18 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-01-18 02:39 - 2014-11-02 02:18 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\50plus
2015-01-16 14:12 - 2014-11-26 23:49 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\Computer Bild
==================== Files in the root of some directories =======
2014-10-04 01:58 - 2014-10-04 01:58 - 0000045 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG
2014-10-25 18:21 - 2014-11-13 23:18 - 0007602 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-02-11 02:20 - 2015-02-11 02:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Heinz-Willi\AppData\Local\Temp\jre-8u31-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 00:57
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-02-2015
Ran by Admin at 2015-02-14 12:00:36
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (HKLM\...\4 Elements II_is1) (Version: 1.0 - MyPlayCity, Inc.)
7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ahnenblatt 2.85 (HKLM\...\Ahnenblatt_is1) (Version: 2.85.0.1 - Dirk Böttcher)
Amazing Pyramids (HKLM\...\Amazing Pyramids_is1) (Version: 1.0 - MyPlayCity, Inc.)
Anka (HKLM\...\Anka_is1) (Version: 1.0 - MyPlayCity, Inc.)
Astro Avenger 2 (HKLM\...\Astro Avenger 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Atlantis Quest (HKLM\...\Atlantis Quest_is1) (Version: 1.0 - MyPlayCity, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bato (HKLM\...\Bato_is1) (Version: 1.0 - MyPlayCity, Inc.)
Beetle Bug 3 (HKLM\...\Beetle Bug 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Boulder Crash version 1.0 (HKLM\...\{3359B4FC-E557-451E-AB7F-982197E5454D}}_is1) (Version: 1.0 - Aleksey Taranov)
Brickshooter Egypt (HKLM\...\Brickshooter Egypt_is1) (Version: 1.0 - MyPlayCity, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Christmas Griddlers (HKLM\...\Christmas Griddlers_is1) (Version: 1.0 - MyPlayCity, Inc.)
Clutter II - He Said, She Said (HKLM\...\Clutter II - He Said, She Said_is1) (Version: 1.0 - MyPlayCity, Inc.)
Cradle of Rome (HKLM\...\Cradle of Rome_is1) (Version: 1.0 - MyPlayCity, Inc.)
EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version: - EaseUS)
Farm Frenzy - Gone Fishing (HKLM\...\Farm Frenzy - Gone Fishing_is1) (Version: 1.0 - MyPlayCity, Inc.)
Free QuizMaker 6 (HKLM\...\{2291F7F8-69DD-4B4F-B843-BA5B57999918}) (Version: 6.2.0 - iSpring Solutions Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Griddlers - Ted and PET (HKLM\...\Griddlers - Ted and PET_is1) (Version: 1.0 - MyPlayCity, Inc.)
Incredi Basketball (HKLM\...\Incredi Basketball_is1) (Version: 1.0 - MyPlayCity, Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest II (HKLM\...\Jewel Quest II_is1) (Version: 1.0 - MyPlayCity, Inc.)
Jurassic Mahjong (HKLM\...\Jurassic Mahjong_is1) (Version: 1.0 - MyPlayCity, Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Olympus Griddlers (HKLM\...\Olympus Griddlers_is1) (Version: 1.0 - MyPlayCity, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Price Meter (remove only) (HKU\S-1-5-21-724745677-1146776812-3954023175-1003\...\Price Meter) (Version: 1.0.5.8 - Price Meter) <==== ATTENTION
Rainbow Web 2 (HKLM\...\Rainbow Web 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Rise of Mythos (HKLM\...\Rise of Mythos_is1) (Version: 1.0 - MyPlayCity, Inc.)
Scratch 2 Offline Editor (HKLM\...\edu.media.mit.Scratch2Editor) (Version: 428 - MIT Media Lab)
Scratch 2 Offline Editor (Version: 255 - MIT Media Lab) Hidden
Season Match - Curse of the Witch Crow (HKLM\...\Season Match - Curse of the Witch Crow_is1) (Version: 1.0 - MyPlayCity, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SlimDrivers (HKLM\...\{03E312F7-8697-4BC4-A90F-33D34EECE18C}) (Version: 2.2.44488 - SlimWare Utilities, Inc.)
Snowy - Treasure Hunter 3 (HKLM\...\Snowy - Treasure Hunter 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Star Defender 4 (HKLM\...\Star Defender 4_is1) (Version: 1.0 - MyPlayCity, Inc.)
Turtix (HKLM\...\Turtix_is1) (Version: 1.0 - MyPlayCity, Inc.)
Woolies Adventure (HKLM\...\Woolies Adventure_is1) (Version: - My Real Games Ltd)
ZOODomino (HKLM\...\ZOODomino_is1) (Version: 1.0 - MyPlayCity, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-10-2014 10:47:37 Windows Update
31-10-2014 17:20:00 Windows Update
05-11-2014 00:18:36 Windows Update
05-11-2014 20:54:20 Installed Java 7 Update 65
05-11-2014 20:56:53 Installed Java 7 Update 71
06-11-2014 01:00:39 Wiederherstellungsvorgang
06-11-2014 01:04:57 avast! antivirus system restore point
06-11-2014 01:09:45 Windows Update
06-11-2014 01:40:45 Wiederherstellungsvorgang
06-11-2014 01:46:12 avast! antivirus system restore point
06-11-2014 01:53:40 Windows Update
07-11-2014 01:11:05 avast! antivirus system restore point
11-11-2014 12:54:22 Windows Update
12-11-2014 14:01:15 Windows Update
18-11-2014 13:37:54 Windows Update
19-11-2014 22:15:48 Windows Update
26-11-2014 01:10:45 Windows Update
01-12-2014 17:23:14 Installed PDF Architect 2 View Module
01-12-2014 17:26:07 Installed PDF Architect 2 Create Module
01-12-2014 17:26:46 Installed PDF Architect 2 Edit Module
02-12-2014 11:59:07 Windows Update
02-12-2014 20:35:22 avast! antivirus system restore point
09-12-2014 13:07:57 Windows Update
11-12-2014 01:47:12 Windows Update
12-12-2014 13:49:21 Windows Update
16-12-2014 13:30:39 Windows Update
18-12-2014 09:40:48 Windows Update
23-12-2014 15:53:27 Windows Update
30-12-2014 19:05:50 Windows Update
06-01-2015 12:31:28 Installed Free QuizMaker 6
07-01-2015 05:09:38 Windows Update
14-01-2015 14:23:42 Windows Update
14-01-2015 16:07:53 Windows Update
21-01-2015 00:55:40 Windows Update
27-01-2015 06:04:46 Windows Update
30-01-2015 06:45:32 Windows Update
03-02-2015 12:25:49 Windows Update
10-02-2015 16:15:05 Windows Update
11-02-2015 02:10:45 SlimDrivers Installing Drivers
11-02-2015 02:18:33 Installiert Realtek High Definition Audio Driver
11-02-2015 14:08:29 Windows Update
11-02-2015 18:04:08 Windows Update
12-02-2015 12:58:09 Windows Update
13-02-2015 14:58:09 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {082B5570-B352-4ECE-94C3-87F2BB3454E7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
Task: {1C2909C0-F928-45F3-BA10-EBBCFA4C64C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {295FAE4D-E655-4463-A321-BCA55C1A3358} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {372C5B6A-413F-43F3-B98E-2E434DF79F0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-01] (Google Inc.)
Task: {8769188A-A63F-4BF6-B290-6780126E6D4C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-724745677-1146776812-3954023175-1003
Task: {961FE649-9EDA-44F9-856D-F659877F87E5} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2015-01-28] (SlimWare Utilities, Inc.)
Task: {A8366623-BF2B-40AA-9E17-D2943A3531C7} - System32\Tasks\Games\UpdateCheck_S-1-5-21-724745677-1146776812-3954023175-1001
Task: {AD7FD6F1-7B4E-49D3-AF53-315BAD5937A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B522E709-7B3B-4906-8E6F-20BA8CDF211A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {E43D581A-CAFD-445C-81FE-A04FE2CD81A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-13 20:42 - 2015-02-13 20:42 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021301\algo.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 02151544 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 00021488 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 04474224 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-02-14 11:50 - 2015-02-14 11:50 - 02912256 _____ () C:\Program Files\AVAST Software\Avast\defs\15021400\algo.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 00317632 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-12-02 20:36 - 2014-12-02 20:36 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Admin (S-1-5-21-724745677-1146776812-3954023175-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-724745677-1146776812-3954023175-500 - Administrator - Disabled)
Gast (S-1-5-21-724745677-1146776812-3954023175-501 - Limited - Disabled)
Heinz-Willi (S-1-5-21-724745677-1146776812-3954023175-1001 - Limited - Enabled) => C:\Users\Heinz-Willi
HomeGroupUser$ (S-1-5-21-724745677-1146776812-3954023175-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/13/2015 09:23:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012298
ID des fehlerhaften Prozesses: 0xd30
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3
Error: (02/11/2015 05:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1738
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (02/11/2015 02:10:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f8dd1ff7-2b51-4235-861d-7da59deb8c36}
Error: (02/07/2015 10:54:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x368
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (01/28/2015 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.1.5500, Zeitstempel: 0x54c1f9f3
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.1.5500, Zeitstempel: 0x54c1f224
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xe74
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Vorgang:
Für die Sicherung initialisieren
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)" ist ein unerwarteter Fehler aufgetreten. hr = 0x8007045b, Der Computer wird heruntergefahren.
.
Vorgang:
Für die Sicherung initialisieren
Error: (01/15/2015 02:04:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mspaint.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc683
Name des fehlerhaften Moduls: mspaint.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc683
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003e401
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xmspaint.exe0
Pfad der fehlerhaften Anwendung: mspaint.exe1
Pfad des fehlerhaften Moduls: mspaint.exe2
Berichtskennung: mspaint.exe3
Error: (01/12/2015 05:11:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm gimp-2.8.exe, Version 2.8.14.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e98
Startzeit: 01d02e825b19c5aa
Endzeit: 10
Anwendungspfad: C:\Program Files\GIMP 2\bin\gimp-2.8.exe
Berichts-ID: a10c9e87-9a75-11e4-ad99-002268670f8a
Error: (01/06/2015 05:09:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Hot-Potatoes-lnstall.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 718
Startzeit: 01d029ca97151b94
Endzeit: 33
Anwendungspfad: C:\Users\Heinz-Willi\Downloads\Hot-Potatoes-lnstall.exe
Berichts-ID: 653e1047-95be-11e4-af6b-002268670f8a
System errors:
=============
Error: (02/14/2015 00:07:29 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (02/13/2015 11:30:07 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/13/2015 10:51:08 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/13/2015 09:26:33 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "\Device\HarddiskVolumeShadowCopy28" den Befehl "chkdsk" aus.
Error: (02/13/2015 05:10:17 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/13/2015 02:50:30 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 07:52:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 06:37:46 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 06:33:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/12/2015 01:50:40 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{26B1CF8F-910E-4374-8C2A-F51B9ACC0D-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (02/13/2015 09:23:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c000000500012298d3001d047caaf9af962C:\Users\Heinz-Willi\Downloads\Gmer-19357.exeC:\Users\Heinz-Willi\Downloads\Gmer-19357.exe2c08ab4e-b3be-11e4-959c-002268670f8a
Error: (02/11/2015 05:17:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425173801d046159ec40cf3C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll7e5ff979-b209-11e4-ad14-002268670f8a
Error: (02/11/2015 02:10:45 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {f8dd1ff7-2b51-4235-861d-7da59deb8c36}
Error: (02/07/2015 10:54:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f224800000030000142536801d043173a7be1eaC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dllde4328d5-af13-11e4-8cfe-002268670f8a
Error: (01/28/2015 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.1.550054c1f9f3mozalloc.dll35.0.1.550054c1f2248000000300001425e7401d03b10227870d6C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dlle5e7b1de-a703-11e4-b4b5-002268670f8a
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)0x8007045b, Der Computer wird heruntergefahren.
Vorgang:
Für die Sicherung initialisieren
Error: (01/21/2015 02:40:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT)0x8007045b, Der Computer wird heruntergefahren.
Vorgang:
Für die Sicherung initialisieren
Error: (01/15/2015 02:04:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mspaint.exe6.1.7600.163854a5bc683mspaint.exe6.1.7600.163854a5bc683c00000050003e40170c01d0305f10a9c33fC:\Windows\system32\mspaint.exeC:\Windows\system32\mspaint.exe7ea1f964-9c52-11e4-9c3d-002268670f8a
Error: (01/12/2015 05:11:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: gimp-2.8.exe2.8.14.0e9801d02e825b19c5aa10C:\Program Files\GIMP 2\bin\gimp-2.8.exea10c9e87-9a75-11e4-ad99-002268670f8a
Error: (01/06/2015 05:09:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hot-Potatoes-lnstall.exe0.0.0.071801d029ca97151b9433C:\Users\Heinz-Willi\Downloads\Hot-Potatoes-lnstall.exe653e1047-95be-11e4-af6b-002268670f8a
CodeIntegrity Errors:
===================================
Date: 2014-10-23 14:43:25.746
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.371
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.200
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.654
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.467
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.279
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) Dual Core Processor 5050e
Percentage of memory in use: 31%
Total physical RAM: 2815.18 MB
Available physical RAM: 1918.93 MB
Total Pagefile: 5628.65 MB
Available Pagefile: 4658.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:290.78 GB) (Free:118.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Eigene Dateien) (Fixed) (Total:53.71 GB) (Free:52.22 GB) NTFS
Drive e: (Sonstige Programme) (Fixed) (Total:102.54 GB) (Free:94.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 528861D1)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=27)
Partition 2: (Active) - (Size=290.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=53.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-14 12:33:55
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD6400AAKS-22A7B2 rev.01.03B01 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Admin\AppData\Local\Temp\ffliauod.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAddBootEntry [0x8F02BAC4]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwAllocateVirtualMemory [0x8F0E70BA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0x8F02C5A2]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEvent [0x8F03863C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEventPair [0x8F038688]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0x8F038822]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateMutant [0x8F0385AA]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateSection [0x8F0E7494]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateSemaphore [0x8F0385F2]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThread [0x8F0E7724]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThreadEx [0x8F0E780E]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateTimer [0x8F0387DC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0x8F02D390]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0x8F02BB2A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDuplicateObject [0x8F030B86]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwLoadDriver [0x8F02B716]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwMapViewOfSection [0x8F0E7574]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwModifyBootEntry [0x8F02BB90]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0x8F030F7C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0x8F02DE78]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEvent [0x8F038666]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEventPair [0x8F0386AA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0x8F038846]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenMutant [0x8F0385D0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenProcess [0x8F03047E]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSection [0x8F03875A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSemaphore [0x8F03861A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenThread [0x8F03086A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenTimer [0x8F038800]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0x8F0E7312]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryObject [0x8F02DCEC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueueApcThreadEx [0x8F02D9FA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0x8F02BBF6]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootOptions [0x8F02BC5C]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwSetContextThread [0x8F0E7670]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemInformation [0x8F02B7B0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0x8F02B982]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwShutdownSystem [0x8F02B910]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendProcess [0x8F02D55A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendThread [0x8F02D6BC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSystemDebugControl [0x8F02BA0A]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwTerminateProcess [0x8F0E73E0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwTerminateThread [0x8F02D1EA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwVdmControl [0x8F02BCC2]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwWriteVirtualMemory [0x8F0E7244]
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRequestWaitReplyPort + 1495 82C459E5 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C7F312 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82C86550 4 Bytes [C4, BA, 02, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82C86578 4 Bytes [BA, 70, 0E, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82C865D8 4 Bytes [A2, C5, 02, 8F]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82C8662C 8 Bytes [3C, 86, 03, 8F, 88, 86, 03, ...] {CMP AL, 0x86; ADD ECX, [EDI-0x70fc7978]}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82C86638 4 Bytes [22, 88, 03, 8F]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E4261D 4 Bytes CALL 8F02E55F \SystemRoot\system32\drivers\aswSnx.sys
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E5C483 4 Bytes CALL 8F02E575 \SystemRoot\system32\drivers\aswSnx.sys
.text C:\Windows\system32\drivers\atikmdag.sys section is writeable [0x90E14000, 0x227A14, 0xE8000020]
---- User code sections - GMER 2.1 ----
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!SetScrollRange 77978EC5 5 Bytes JMP 013760C6 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!GetScrollInfo 77982DA3 5 Bytes JMP 01376059 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!SetScrollInfo 779848DA 5 Bytes JMP 013760FD C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!GetScrollRange 779A045A 5 Bytes JMP 01375FFC C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!SetScrollPos 779A04BE 5 Bytes JMP 01375FD7 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!GetScrollPos 779A0E43 5 Bytes JMP 01376034 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!EnableScrollBar 779A19CE 5 Bytes JMP 01376131 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[1048] USER32.dll!ShowScrollBar 779A3C89 5 Bytes JMP 0137608C C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1388] kernel32.dll!SetUnhandledExceptionFilter 7785F5AB 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\AVAST Software\Avast\avastui.exe[3560] kernel32.dll!SetUnhandledExceptionFilter 7785F5AB 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\Microsoft Office\Office14\WINWORD.EXE[3764] kernel32.dll!SetUnhandledExceptionFilter 7785F5AB 5 Bytes JMP 5A757765 C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll
.text C:\Program Files\Microsoft Office\Office14\WINWORD.EXE[3764] ole32.dll!OleLoadFromStream 762D6143 5 Bytes JMP 5B46A10A C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@4490AA47 706
---- EOF - GMER 2.1 ----
|
|
14.02.2015, 17:51
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Zunehmende Verzögerung im Seitenaufbau mit Firefox Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
15.02.2015, 23:26
| #9 |
| | Zunehmende Verzögerung im Seitenaufbau mit Firefox Sorry, aber früherer Scan war einfach nicht möglich. Hier die Logs: Code:
ATTFilter # AdwCleaner v4.110 - Bericht erstellt 15/02/2015 um 22:37:28
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-14.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Admin - HEINZ-WILLI-PC
# Gestarted von : C:\Users\Admin\Desktop\adwcleaner_4.110.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Admin\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Heinz-Willi\AppData\Local\pdfforge
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v35.0.1 (x86 de)
-\\ Google Chrome v40.0.2214.111
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1415217038&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WMASY742023120231&q={searchTerms}
*************************
AdwCleaner[R0].txt - [13246 Bytes] - [23/09/2014 22:55:30]
AdwCleaner[R1].txt - [8580 Bytes] - [23/09/2014 23:05:06]
AdwCleaner[R2].txt - [7792 Bytes] - [04/10/2014 22:15:11]
AdwCleaner[R3].txt - [17670 Bytes] - [23/10/2014 00:35:07]
AdwCleaner[R4].txt - [1677 Bytes] - [15/02/2015 22:34:32]
AdwCleaner[S0].txt - [19863 Bytes] - [23/09/2014 23:02:45]
AdwCleaner[S1].txt - [17750 Bytes] - [23/10/2014 00:37:50]
AdwCleaner[S2].txt - [1599 Bytes] - [15/02/2015 22:37:28]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1658 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x86
Ran by Admin on 15.02.2015 at 22:40:48,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.02.2015 at 22:44:23,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-02-2015
Ran by Admin (administrator) on HEINZ-WILLI-PC on 15-02-2015 22:45:24
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Heinz-Willi & Admin)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2000-01-01] (Realtek Semiconductor)
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-10-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-724745677-1146776812-3954023175-1003 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w1zsoiul.default
FF DefaultSearchUrl: https://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: www.google.de
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w1zsoiul.default\searchplugins\yahoo-avast.xml
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\w1zsoiul.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-04]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-01]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.sweet-page.com/?type=hp&ts=1415217038&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WMASY742023120231
CHR StartupUrls: Default -> "hxxp://www.sweet-page.com/?type=hp&ts=1415217038&from=cor&uid=WDCXWD6400AAKS-22A7B2_WD-WMASY742023120231"
CHR DefaultSearchKeyword: Default -> sweet-page
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-01]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-01]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-02]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-01]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-01]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-01]
CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-01]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-01]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-02]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3192344 2014-12-02] (Avast Software)
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE [153600 2009-09-13] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [121856 2009-09-13] (SEIKO EPSON CORPORATION)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-02] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-02] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-02] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [11232 2015-02-15] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [218192 2014-12-02] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-15 22:45 - 2015-02-15 22:45 - 00011731 _____ () C:\Users\Admin\Desktop\FRST.txt
2015-02-15 22:44 - 2015-02-15 22:44 - 00000625 _____ () C:\Users\Admin\Desktop\JRT.txt
2015-02-15 22:41 - 2015-02-15 22:41 - 00000197 _____ () C:\Windows\system32\2015-02-15-21-41-22.067-AvastVBoxSVC.exe-2124.log
2015-02-15 22:09 - 2015-02-15 22:09 - 00000197 _____ () C:\Windows\system32\2015-02-15-21-09-32.043-AvastVBoxSVC.exe-464.log
2015-02-15 14:05 - 2015-02-15 14:05 - 01388274 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2015-02-15 14:03 - 2015-02-15 14:03 - 02112512 _____ () C:\Users\Admin\Desktop\adwcleaner_4.110.exe
2015-02-14 23:11 - 2015-02-14 23:11 - 00000197 _____ () C:\Windows\system32\2015-02-14-22-11-21.097-AvastVBoxSVC.exe-2288.log
2015-02-14 21:43 - 2015-02-14 21:43 - 00000197 _____ () C:\Windows\system32\2015-02-14-20-43-29.020-AvastVBoxSVC.exe-1996.log
2015-02-14 16:38 - 2015-02-14 16:38 - 00000197 _____ () C:\Windows\system32\2015-02-14-15-38-18.027-AvastVBoxSVC.exe-2196.log
2015-02-14 11:58 - 2015-02-14 11:59 - 00000280 _____ () C:\Windows\system32\2015-02-14-10-58-59.091-aswFe.exe-1364.log
2015-02-14 11:58 - 2015-02-14 11:58 - 00000000 ____D () C:\Users\Admin\Desktop\FRST-OlderVersion
2015-02-14 11:56 - 2015-02-14 11:56 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log
2015-02-14 09:14 - 2015-02-14 09:14 - 00000197 _____ () C:\Windows\system32\2015-02-14-08-14-50.013-AvastVBoxSVC.exe-2088.log
2015-02-14 02:09 - 2015-02-14 02:09 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\My Games
2015-02-14 00:12 - 2015-02-14 00:12 - 00921654 _____ () C:\Users\Heinz-Willi\Documents\Bild6.bmp
2015-02-13 22:00 - 2015-02-13 22:00 - 00005285 _____ () C:\Users\Heinz-Willi\Desktop\HijackThis - Pruefung_19-01-15.txt
2015-02-13 21:16 - 2015-02-13 21:21 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357.exe
2015-02-13 21:10 - 2015-02-13 21:10 - 00058414 _____ () C:\Users\Heinz-Willi\Downloads\FRST-Editor.txt
2015-02-13 21:10 - 2015-02-13 21:10 - 00025376 _____ () C:\Users\Heinz-Willi\Downloads\Addition-Editor.txt
2015-02-13 21:07 - 2015-02-15 22:45 - 00000000 ____D () C:\FRST
2015-02-13 21:06 - 2015-02-14 11:58 - 01125888 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2015-02-13 21:05 - 2015-02-13 21:05 - 00050477 _____ () C:\Users\Heinz-Willi\Downloads\Defogger(1).exe
2015-02-13 21:03 - 2015-02-13 21:04 - 00000472 _____ () C:\Users\Heinz-Willi\Desktop\defogger_disable.log
2015-02-13 21:03 - 2015-02-13 21:03 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2015-02-13 21:01 - 2015-02-13 21:01 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default\AppData\Local\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-02-13 20:49 - 2015-02-13 20:49 - 00000000 ____D () C:\Users\Default User\AppData\Local\Adobe
2015-02-13 20:43 - 2015-02-13 20:43 - 00000197 _____ () C:\Windows\system32\2015-02-13-19-43-00.060-AvastVBoxSVC.exe-2128.log
2015-02-13 16:41 - 2015-02-13 16:41 - 00000197 _____ () C:\Windows\system32\2015-02-13-15-41-33.018-AvastVBoxSVC.exe-2456.log
2015-02-13 14:28 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 14:28 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 14:23 - 2015-02-13 14:23 - 00000197 _____ () C:\Windows\system32\2015-02-13-13-23-38.053-AvastVBoxSVC.exe-2512.log
2015-02-12 21:50 - 2015-02-12 21:51 - 00000197 _____ () C:\Windows\system32\2015-02-12-20-50-56.080-AvastVBoxSVC.exe-2196.log
2015-02-12 18:35 - 2015-02-12 18:35 - 00000197 _____ () C:\Windows\system32\2015-02-12-17-35-02.049-AvastVBoxSVC.exe-3348.log
2015-02-12 14:21 - 2015-02-12 14:21 - 00000197 _____ () C:\Windows\system32\2015-02-12-13-21-21.046-AvastVBoxSVC.exe-2076.log
2015-02-12 11:23 - 2015-02-12 11:23 - 00000197 _____ () C:\Windows\system32\2015-02-12-10-23-21.090-AvastVBoxSVC.exe-2116.log
2015-02-12 10:59 - 2015-02-12 10:59 - 00000197 _____ () C:\Windows\system32\2015-02-12-09-59-23.031-AvastVBoxSVC.exe-2904.log
2015-02-12 00:37 - 2015-02-12 00:37 - 00000197 _____ () C:\Windows\system32\2015-02-11-23-37-12.070-AvastVBoxSVC.exe-2088.log
2015-02-11 22:19 - 2015-02-11 22:19 - 00011856 _____ () C:\Users\Heinz-Willi\Downloads\artmedic_wissensquiz.zip
2015-02-11 21:19 - 2015-02-11 21:19 - 00000197 _____ () C:\Windows\system32\2015-02-11-20-19-02.014-AvastVBoxSVC.exe-2428.log
2015-02-11 19:55 - 2015-02-11 19:55 - 00000197 _____ () C:\Windows\system32\2015-02-11-18-55-12.077-AvastVBoxSVC.exe-2124.log
2015-02-11 15:54 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 15:54 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 15:53 - 2015-01-15 08:46 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 15:53 - 2015-01-15 08:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 15:53 - 2015-01-15 08:43 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 15:53 - 2015-01-15 08:43 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 15:53 - 2015-01-15 08:42 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 15:53 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 15:53 - 2015-01-15 08:42 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 15:53 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 15:53 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 15:53 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 15:53 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 15:53 - 2015-01-15 05:21 - 00369968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 15:53 - 2015-01-09 02:45 - 02380288 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 15:53 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 15:53 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 15:53 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-02-11 15:52 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-02-11 15:52 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 15:52 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 15:52 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 15:52 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 15:52 - 2015-01-12 03:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 15:52 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 15:52 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 15:52 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 15:52 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 15:52 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 15:52 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 15:52 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 15:52 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 15:52 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 15:52 - 2015-01-12 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 15:52 - 2015-01-12 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 15:52 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 15:52 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 15:52 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 15:52 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 15:52 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 15:52 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 15:52 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 15:52 - 2015-01-12 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 15:52 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 15:52 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 15:52 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 15:52 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 15:52 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 15:51 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 15:51 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 15:51 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 15:51 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 15:49 - 2015-02-11 15:49 - 00000197 _____ () C:\Windows\system32\2015-02-11-14-49-02.070-AvastVBoxSVC.exe-2108.log
2015-02-11 14:10 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:10 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 14:10 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 14:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 11:54 - 2015-02-11 11:54 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-54-39.085-AvastVBoxSVC.exe-2056.log
2015-02-11 02:25 - 2015-02-11 02:25 - 00000197 _____ () C:\Windows\system32\2015-02-11-01-25-14.050-AvastVBoxSVC.exe-2652.log
2015-02-11 02:20 - 2015-02-11 02:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-11 02:20 - 2015-02-11 02:20 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-02-11 02:19 - 2000-01-01 01:00 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-02-11 02:19 - 2000-01-01 01:00 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 07162128 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-02-11 02:19 - 2000-01-01 01:00 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-02-11 02:19 - 2000-01-01 01:00 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-02-11 02:19 - 2000-01-01 01:00 - 01823320 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-02-11 02:19 - 2000-01-01 01:00 - 01379760 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00966904 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00948336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00919600 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00852016 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00818936 _____ (DTS, Inc.) C:\Windows\system32\sl3apo32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00606968 _____ (DTS, Inc.) C:\Windows\system32\sltech32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00352016 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00219896 _____ (TODO: <Company name>) C:\Windows\system32\slprp32.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00134584 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00106768 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00091920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00062224 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00058264 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TepeqAPO.dll
2015-02-11 02:19 - 2000-01-01 01:00 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2015-02-11 02:18 - 2015-02-11 02:20 - 00000000 ___HD () C:\Program Files\Temp
2015-02-11 02:18 - 2015-02-11 02:18 - 00000000 ____D () C:\Program Files\Realtek
2015-02-11 02:18 - 2000-01-01 01:00 - 06177624 _____ (Dolby Laboratories) C:\Windows\system32\DDPP32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 02421792 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01940056 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01490264 _____ (Dolby Laboratories) C:\Windows\system32\DDPD32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00966744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO40.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00509184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00426944 _____ (DTS) C:\Windows\system32\DTSU2PLFX32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00403392 _____ (DTS) C:\Windows\system32\DTSU2PGFX32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00357712 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00346048 _____ (DTS) C:\Windows\system32\DTSU2PREC32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00274264 _____ (Dolby Laboratories) C:\Windows\system32\DDPO32A.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00221528 _____ (Dolby Laboratories) C:\Windows\system32\DDPA32.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00188696 _____ () C:\Windows\system32\AcpiServiceVnA.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-11 02:18 - 2000-01-01 01:00 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2015-02-11 02:11 - 2015-02-11 02:11 - 00000000 ____D () C:\ProgramData\SlimWare Utilities, Inc
2015-02-11 02:08 - 2015-02-15 22:39 - 00000386 _____ () C:\Windows\Tasks\SlimDrivers Startup.job
2015-02-11 02:08 - 2015-02-15 22:38 - 00011232 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-02-11 02:08 - 2015-02-11 02:08 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-02-11 02:08 - 2015-02-11 02:08 - 00000000 ____D () C:\Users\Admin\AppData\Local\SlimWare Utilities Inc
2015-02-11 02:07 - 2015-02-11 02:07 - 00858432 _____ (SlimWare Utilities, Inc.) C:\Users\Heinz-Willi\Downloads\slimdrivers-setup.exe
2015-02-11 02:03 - 2015-02-11 02:05 - 26012864 _____ () C:\Users\Heinz-Willi\Downloads\GoogleEarthProWin.exe
2015-02-10 22:44 - 2015-02-10 22:44 - 00000197 _____ () C:\Windows\system32\2015-02-10-21-44-52.058-AvastVBoxSVC.exe-2596.log
2015-02-10 18:48 - 2015-02-10 18:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-48-01.028-AvastVBoxSVC.exe-2288.log
2015-02-10 16:12 - 2015-02-10 16:12 - 00000197 _____ () C:\Windows\system32\2015-02-10-15-12-34.022-AvastVBoxSVC.exe-2088.log
2015-02-10 11:02 - 2015-02-10 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-10-10-02-32.012-AvastVBoxSVC.exe-2152.log
2015-02-09 23:30 - 2015-02-09 23:31 - 00000197 _____ () C:\Windows\system32\2015-02-09-22-30-23.042-AvastVBoxSVC.exe-2476.log
2015-02-09 20:29 - 2015-02-09 20:29 - 00000197 _____ () C:\Windows\system32\2015-02-09-19-29-35.048-AvastVBoxSVC.exe-2684.log
2015-02-09 19:28 - 2015-02-09 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-09-18-28-52.046-AvastVBoxSVC.exe-2752.log
2015-02-09 12:00 - 2015-02-09 12:00 - 00000197 _____ () C:\Windows\system32\2015-02-09-11-00-11.092-AvastVBoxSVC.exe-2244.log
2015-02-08 18:56 - 2015-02-08 18:56 - 00000197 _____ () C:\Windows\system32\2015-02-08-17-56-04.058-AvastVBoxSVC.exe-2224.log
2015-02-08 00:45 - 2015-02-08 00:45 - 00000197 _____ () C:\Windows\system32\2015-02-07-23-45-39.008-AvastVBoxSVC.exe-2128.log
2015-02-07 21:46 - 2015-02-07 21:46 - 00000197 _____ () C:\Windows\system32\2015-02-07-20-46-27.068-AvastVBoxSVC.exe-2532.log
2015-02-07 17:06 - 2015-02-07 17:06 - 00000197 _____ () C:\Windows\system32\2015-02-07-16-06-02.080-AvastVBoxSVC.exe-3008.log
2015-02-07 15:45 - 2015-02-07 15:45 - 00000197 _____ () C:\Windows\system32\2015-02-07-14-45-38.065-AvastVBoxSVC.exe-3964.log
2015-02-07 12:11 - 2015-02-07 12:12 - 00000197 _____ () C:\Windows\system32\2015-02-07-11-11-59.093-AvastVBoxSVC.exe-1776.log
2015-02-07 06:00 - 2015-02-07 06:00 - 00000197 _____ () C:\Windows\system32\2015-02-07-05-00-20.040-AvastVBoxSVC.exe-2084.log
2015-02-07 03:25 - 2015-02-07 03:26 - 00000197 _____ () C:\Windows\system32\2015-02-07-02-25-54.086-AvastVBoxSVC.exe-1192.log
2015-02-06 23:20 - 2015-02-06 23:21 - 00000197 _____ () C:\Windows\system32\2015-02-06-22-20-57.083-AvastVBoxSVC.exe-1236.log
2015-02-06 19:18 - 2015-02-06 19:19 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-18-59.064-AvastVBoxSVC.exe-2624.log
2015-02-06 17:00 - 2015-02-06 17:00 - 00000197 _____ () C:\Windows\system32\2015-02-06-16-00-39.077-AvastVBoxSVC.exe-2216.log
2015-02-06 11:16 - 2015-02-06 11:16 - 00000197 _____ () C:\Windows\system32\2015-02-06-10-16-52.000-AvastVBoxSVC.exe-2064.log
2015-02-05 19:04 - 2015-02-05 19:04 - 00000197 _____ () C:\Windows\system32\2015-02-05-18-04-03.080-AvastVBoxSVC.exe-2172.log
2015-02-05 16:02 - 2015-02-05 16:02 - 00000197 _____ () C:\Windows\system32\2015-02-05-15-02-06.084-AvastVBoxSVC.exe-2156.log
2015-02-05 01:57 - 2015-02-05 01:57 - 00000197 _____ () C:\Windows\system32\2015-02-05-00-57-05.041-AvastVBoxSVC.exe-2256.log
2015-02-04 23:06 - 2015-02-04 23:06 - 00000197 _____ () C:\Windows\system32\2015-02-04-22-06-41.043-AvastVBoxSVC.exe-2188.log
2015-02-04 19:45 - 2015-02-04 19:45 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-45-36.057-AvastVBoxSVC.exe-2188.log
2015-02-04 17:33 - 2015-02-04 17:34 - 00000197 _____ () C:\Windows\system32\2015-02-04-16-33-52.045-AvastVBoxSVC.exe-2248.log
2015-02-04 04:15 - 2015-02-04 04:15 - 00000197 _____ () C:\Windows\system32\2015-02-04-03-15-30.000-AvastVBoxSVC.exe-2164.log
2015-02-03 18:22 - 2015-02-03 18:22 - 00000197 _____ () C:\Windows\system32\2015-02-03-17-22-52.088-AvastVBoxSVC.exe-2124.log
2015-02-03 16:06 - 2015-02-03 16:06 - 00000197 _____ () C:\Windows\system32\2015-02-03-15-06-04.054-AvastVBoxSVC.exe-2456.log
2015-02-03 12:21 - 2015-02-03 12:22 - 00000197 _____ () C:\Windows\system32\2015-02-03-11-21-23.021-AvastVBoxSVC.exe-1368.log
2015-02-03 00:32 - 2015-02-03 00:32 - 00000197 _____ () C:\Windows\system32\2015-02-02-23-32-38.035-AvastVBoxSVC.exe-1284.log
2015-02-02 21:35 - 2015-02-02 21:36 - 00000197 _____ () C:\Windows\system32\2015-02-02-20-35-31.055-AvastVBoxSVC.exe-2272.log
2015-02-02 17:01 - 2015-02-02 17:01 - 00000197 _____ () C:\Windows\system32\2015-02-02-16-01-45.075-AvastVBoxSVC.exe-2124.log
2015-02-01 23:52 - 2015-02-01 23:52 - 00000197 _____ () C:\Windows\system32\2015-02-01-22-52-42.025-AvastVBoxSVC.exe-2348.log
2015-02-01 18:22 - 2015-02-01 18:22 - 00000197 _____ () C:\Windows\system32\2015-02-01-17-22-12.012-AvastVBoxSVC.exe-2612.log
2015-02-01 13:43 - 2015-02-01 13:44 - 00000197 _____ () C:\Windows\system32\2015-02-01-12-43-31.060-AvastVBoxSVC.exe-2272.log
2015-02-01 04:08 - 2015-02-01 04:08 - 00000197 _____ () C:\Windows\system32\2015-02-01-03-08-32.065-AvastVBoxSVC.exe-2196.log
2015-01-31 21:40 - 2015-01-31 21:40 - 00000247 _____ () C:\Windows\system32\2015-01-31-20-40-48.099-aswFe.exe-668.log
2015-01-31 21:35 - 2015-01-31 21:40 - 00000247 _____ () C:\Windows\system32\2015-01-31-20-35-54.040-aswFe.exe-1852.log
2015-01-31 21:35 - 2015-01-31 21:35 - 00000197 _____ () C:\Windows\system32\2015-01-31-20-35-51.005-AvastVBoxSVC.exe-3968.log
2015-01-31 16:05 - 2015-01-31 16:05 - 00000197 _____ () C:\Windows\system32\2015-01-31-15-05-54.017-AvastVBoxSVC.exe-2384.log
2015-01-31 16:02 - 2015-01-31 16:02 - 00777920 _____ (Aff) C:\Users\Heinz-Willi\Downloads\FlvPlayerSetup.exe
2015-01-31 15:54 - 2015-01-31 15:54 - 00808512 _____ (CoinisRS) C:\Users\Heinz-Willi\Downloads\adobe_flash_setup.exe
2015-01-31 15:54 - 2015-01-31 15:54 - 00808512 _____ (CoinisRS) C:\Users\Heinz-Willi\Downloads\adobe_flash_setup(1).exe
2015-01-31 13:39 - 2015-01-31 13:39 - 00000197 _____ () C:\Windows\system32\2015-01-31-12-39-22.048-AvastVBoxSVC.exe-2212.log
2015-01-31 11:56 - 2015-01-31 11:56 - 00000197 _____ () C:\Windows\system32\2015-01-31-10-56-04.067-AvastVBoxSVC.exe-2588.log
2015-01-31 04:12 - 2015-01-31 04:12 - 00000197 _____ () C:\Windows\system32\2015-01-31-03-12-46.022-AvastVBoxSVC.exe-2216.log
2015-01-30 23:20 - 2015-01-30 23:20 - 00000197 _____ () C:\Windows\system32\2015-01-30-22-20-07.012-AvastVBoxSVC.exe-2088.log
2015-01-30 22:33 - 2015-01-30 22:33 - 00000197 _____ () C:\Windows\system32\2015-01-30-21-33-04.032-AvastVBoxSVC.exe-1216.log
2015-01-30 17:29 - 2015-01-30 17:30 - 00000197 _____ () C:\Windows\system32\2015-01-30-16-29-52.017-AvastVBoxSVC.exe-2508.log
2015-01-30 15:36 - 2015-01-30 15:36 - 00000197 _____ () C:\Windows\system32\2015-01-30-14-36-58.096-AvastVBoxSVC.exe-2112.log
2015-01-30 09:25 - 2015-01-30 09:25 - 00000197 _____ () C:\Windows\system32\2015-01-30-08-25-38.049-AvastVBoxSVC.exe-2912.log
2015-01-30 06:43 - 2015-01-30 06:43 - 00000197 _____ () C:\Windows\system32\2015-01-30-05-43-11.006-AvastVBoxSVC.exe-2356.log
2015-01-29 21:30 - 2015-01-29 21:30 - 00000197 _____ () C:\Windows\system32\2015-01-29-20-30-09.097-AvastVBoxSVC.exe-2664.log
2015-01-29 20:07 - 2015-02-15 22:38 - 00005311 _____ () C:\Windows\setupact.log
2015-01-29 20:07 - 2015-01-29 20:07 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-29 17:07 - 2015-01-29 17:08 - 05325208 _____ (Piriform Ltd) C:\Users\Heinz-Willi\Downloads\ccsetup502.exe
2015-01-29 14:45 - 2015-01-29 14:45 - 00000197 _____ () C:\Windows\system32\2015-01-29-13-45-29.081-AvastVBoxSVC.exe-1576.log
2015-01-29 09:36 - 2015-01-29 09:36 - 00000197 _____ () C:\Windows\system32\2015-01-29-08-36-01.063-AvastVBoxSVC.exe-2536.log
2015-01-29 01:07 - 2015-01-29 01:07 - 00000197 _____ () C:\Windows\system32\2015-01-29-00-07-05.082-AvastVBoxSVC.exe-2148.log
2015-01-28 22:34 - 2015-01-28 22:35 - 00000197 _____ () C:\Windows\system32\2015-01-28-21-34-59.061-AvastVBoxSVC.exe-2124.log
2015-01-28 13:12 - 2015-01-28 13:13 - 00000197 _____ () C:\Windows\system32\2015-01-28-12-12-55.026-AvastVBoxSVC.exe-2192.log
2015-01-28 08:21 - 2015-01-28 08:21 - 00000197 _____ () C:\Windows\system32\2015-01-28-07-21-34.087-AvastVBoxSVC.exe-2592.log
2015-01-28 01:51 - 2015-01-28 01:51 - 00000197 _____ () C:\Windows\system32\2015-01-28-00-51-30.070-AvastVBoxSVC.exe-1356.log
2015-01-27 19:47 - 2015-01-27 19:48 - 00000197 _____ () C:\Windows\system32\2015-01-27-18-47-55.084-AvastVBoxSVC.exe-1636.log
2015-01-27 16:00 - 2015-01-27 16:00 - 00000197 _____ () C:\Windows\system32\2015-01-27-15-00-42.022-AvastVBoxSVC.exe-2092.log
2015-01-27 13:03 - 2015-01-27 13:03 - 00000197 _____ () C:\Windows\system32\2015-01-27-12-03-42.002-AvastVBoxSVC.exe-2156.log
2015-01-27 10:52 - 2015-01-27 10:52 - 00000197 _____ () C:\Windows\system32\2015-01-27-09-52-19.078-AvastVBoxSVC.exe-1144.log
2015-01-27 05:46 - 2015-01-27 05:46 - 00000197 _____ () C:\Windows\system32\2015-01-27-04-46-41.029-AvastVBoxSVC.exe-2056.log
2015-01-27 04:15 - 2015-01-27 04:15 - 00000197 _____ () C:\Windows\system32\2015-01-27-03-15-39.087-AvastVBoxSVC.exe-1324.log
2015-01-26 22:26 - 2015-01-26 22:27 - 00000197 _____ () C:\Windows\system32\2015-01-26-21-26-55.049-AvastVBoxSVC.exe-2244.log
2015-01-26 20:04 - 2015-01-26 20:04 - 00000197 _____ () C:\Windows\system32\2015-01-26-19-04-11.025-AvastVBoxSVC.exe-2152.log
2015-01-26 16:29 - 2015-01-26 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-26 16:29 - 2015-01-26 16:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-01-26 16:28 - 2015-01-26 16:29 - 06958304 _____ (Microsoft Corporation) C:\Users\Heinz-Willi\Downloads\Silverlight.exe
2015-01-26 16:19 - 2015-01-26 16:19 - 00000197 _____ () C:\Windows\system32\2015-01-26-15-19-37.043-AvastVBoxSVC.exe-2188.log
2015-01-26 14:23 - 2015-01-26 14:23 - 00000197 _____ () C:\Windows\system32\2015-01-26-13-23-27.082-AvastVBoxSVC.exe-464.log
2015-01-26 11:57 - 2015-01-26 11:57 - 00000247 _____ () C:\Windows\system32\2015-01-26-10-57-17.041-aswFe.exe-2984.log
2015-01-26 11:53 - 2015-01-26 11:57 - 00000247 _____ () C:\Windows\system32\2015-01-26-10-53-28.059-aswFe.exe-2596.log
2015-01-26 11:53 - 2015-01-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-01-26-10-53-25.052-AvastVBoxSVC.exe-2116.log
2015-01-25 21:46 - 2015-01-25 21:46 - 00000197 _____ () C:\Windows\system32\2015-01-25-20-46-28.076-AvastVBoxSVC.exe-2248.log
2015-01-25 20:59 - 2015-01-25 20:59 - 00000197 _____ () C:\Windows\system32\2015-01-25-19-59-40.038-AvastVBoxSVC.exe-2268.log
2015-01-25 17:22 - 2015-01-25 17:22 - 00000197 _____ () C:\Windows\system32\2015-01-25-16-22-37.041-AvastVBoxSVC.exe-1976.log
2015-01-25 11:49 - 2015-01-25 11:49 - 00000197 _____ () C:\Windows\system32\2015-01-25-10-49-26.054-AvastVBoxSVC.exe-1108.log
2015-01-25 08:26 - 2015-01-25 08:26 - 00000197 _____ () C:\Windows\system32\2015-01-25-07-26-07.049-AvastVBoxSVC.exe-2268.log
2015-01-25 05:15 - 2015-01-25 05:15 - 00000197 _____ () C:\Windows\system32\2015-01-25-04-15-17.020-AvastVBoxSVC.exe-2316.log
2015-01-24 20:21 - 2015-01-24 20:21 - 00000197 _____ () C:\Windows\system32\2015-01-24-19-21-48.009-AvastVBoxSVC.exe-1136.log
2015-01-24 18:54 - 2015-01-24 18:54 - 00000197 _____ () C:\Windows\system32\2015-01-24-17-54-14.022-AvastVBoxSVC.exe-2508.log
2015-01-24 16:50 - 2015-01-24 16:50 - 00000197 _____ () C:\Windows\system32\2015-01-24-15-50-04.027-AvastVBoxSVC.exe-2848.log
2015-01-24 13:48 - 2015-01-24 13:48 - 00000197 _____ () C:\Windows\system32\2015-01-24-12-48-16.074-AvastVBoxSVC.exe-2084.log
2015-01-24 03:47 - 2015-01-24 03:47 - 00000197 _____ () C:\Windows\system32\2015-01-24-02-47-36.009-AvastVBoxSVC.exe-2532.log
2015-01-23 22:50 - 2015-01-23 22:50 - 00000197 _____ () C:\Windows\system32\2015-01-23-21-50-02.086-AvastVBoxSVC.exe-1528.log
2015-01-23 22:26 - 2015-01-23 22:26 - 00000197 _____ () C:\Windows\system32\2015-01-23-21-26-28.025-AvastVBoxSVC.exe-348.log
2015-01-23 19:50 - 2015-01-23 19:50 - 00000197 _____ () C:\Windows\system32\2015-01-23-18-50-19.086-AvastVBoxSVC.exe-2408.log
2015-01-23 18:14 - 2015-01-23 18:14 - 00000197 _____ () C:\Windows\system32\2015-01-23-17-14-16.023-AvastVBoxSVC.exe-3256.log
2015-01-23 16:22 - 2015-01-23 16:22 - 00000197 _____ () C:\Windows\system32\2015-01-23-15-22-26.052-AvastVBoxSVC.exe-1576.log
2015-01-23 14:14 - 2015-01-23 14:15 - 00000197 _____ () C:\Windows\system32\2015-01-23-13-14-40.022-AvastVBoxSVC.exe-3456.log
2015-01-23 11:28 - 2015-01-23 11:29 - 00000197 _____ () C:\Windows\system32\2015-01-23-10-28-54.065-AvastVBoxSVC.exe-1564.log
2015-01-23 05:06 - 2015-01-23 05:06 - 00000197 _____ () C:\Windows\system32\2015-01-23-04-06-04.073-AvastVBoxSVC.exe-2512.log
2015-01-22 19:38 - 2015-01-22 19:38 - 00000197 _____ () C:\Windows\system32\2015-01-22-18-38-28.058-AvastVBoxSVC.exe-2172.log
2015-01-22 16:38 - 2015-01-22 16:38 - 00000197 _____ () C:\Windows\system32\2015-01-22-15-38-01.045-AvastVBoxSVC.exe-1172.log
2015-01-22 14:48 - 2015-01-22 14:48 - 00000197 _____ () C:\Windows\system32\2015-01-22-13-48-37.003-AvastVBoxSVC.exe-1304.log
2015-01-22 13:17 - 2015-01-22 13:18 - 00000197 _____ () C:\Windows\system32\2015-01-22-12-17-39.029-AvastVBoxSVC.exe-1344.log
2015-01-22 05:49 - 2015-01-22 05:49 - 00000197 _____ () C:\Windows\system32\2015-01-22-04-49-41.001-AvastVBoxSVC.exe-2392.log
2015-01-21 22:04 - 2015-01-21 22:05 - 00000197 _____ () C:\Windows\system32\2015-01-21-21-04-37.090-AvastVBoxSVC.exe-2224.log
2015-01-21 17:55 - 2015-01-21 17:55 - 00000197 _____ () C:\Windows\system32\2015-01-21-16-55-23.040-AvastVBoxSVC.exe-3248.log
2015-01-21 14:02 - 2015-01-21 14:03 - 00000197 _____ () C:\Windows\system32\2015-01-21-13-02-51.040-AvastVBoxSVC.exe-2056.log
2015-01-21 11:16 - 2015-01-21 11:16 - 00000197 _____ () C:\Windows\system32\2015-01-21-10-16-09.075-AvastVBoxSVC.exe-356.log
2015-01-21 05:12 - 2015-01-21 05:12 - 00000197 _____ () C:\Windows\system32\2015-01-21-04-12-08.006-AvastVBoxSVC.exe-2076.log
2015-01-20 22:40 - 2015-01-20 22:40 - 00000197 _____ () C:\Windows\system32\2015-01-20-21-40-54.055-AvastVBoxSVC.exe-1316.log
2015-01-20 19:25 - 2015-01-20 19:26 - 00000197 _____ () C:\Windows\system32\2015-01-20-18-25-49.073-AvastVBoxSVC.exe-2332.log
2015-01-20 16:03 - 2015-01-20 16:03 - 00000197 _____ () C:\Windows\system32\2015-01-20-15-03-24.050-AvastVBoxSVC.exe-2408.log
2015-01-20 13:16 - 2015-01-20 13:17 - 00000197 _____ () C:\Windows\system32\2015-01-20-12-16-38.071-AvastVBoxSVC.exe-2084.log
2015-01-20 08:48 - 2015-01-20 08:48 - 00000197 _____ () C:\Windows\system32\2015-01-20-07-48-54.039-AvastVBoxSVC.exe-2084.log
2015-01-20 07:14 - 2015-01-20 07:14 - 00000197 _____ () C:\Windows\system32\2015-01-20-06-14-04.094-AvastVBoxSVC.exe-1528.log
2015-01-20 05:50 - 2015-01-20 05:50 - 00000197 _____ () C:\Windows\system32\2015-01-20-04-50-45.057-AvastVBoxSVC.exe-2228.log
2015-01-19 21:10 - 2015-01-19 21:11 - 00000197 _____ () C:\Windows\system32\2015-01-19-20-10-59.073-AvastVBoxSVC.exe-2152.log
2015-01-19 19:56 - 2015-01-19 19:56 - 00000197 _____ () C:\Windows\system32\2015-01-19-18-56-49.087-AvastVBoxSVC.exe-1244.log
2015-01-19 19:25 - 2015-01-19 19:25 - 00000197 _____ () C:\Windows\system32\2015-01-19-18-25-51.008-AvastVBoxSVC.exe-2516.log
2015-01-19 13:01 - 2015-01-19 13:01 - 00000197 _____ () C:\Windows\system32\2015-01-19-12-01-23.080-AvastVBoxSVC.exe-1368.log
2015-01-19 09:05 - 2015-01-19 09:05 - 00000197 _____ () C:\Windows\system32\2015-01-19-08-05-40.055-AvastVBoxSVC.exe-2192.log
2015-01-19 00:14 - 2015-01-19 00:14 - 00000197 _____ () C:\Windows\system32\2015-01-18-23-14-45.028-AvastVBoxSVC.exe-1792.log
2015-01-18 20:33 - 2015-01-18 20:34 - 00000197 _____ () C:\Windows\system32\2015-01-18-19-33-46.064-AvastVBoxSVC.exe-2432.log
2015-01-18 17:29 - 2015-01-18 17:29 - 00000197 _____ () C:\Windows\system32\2015-01-18-16-29-02.071-AvastVBoxSVC.exe-2384.log
2015-01-18 14:32 - 2015-01-18 14:32 - 00000197 _____ () C:\Windows\system32\2015-01-18-13-32-11.033-AvastVBoxSVC.exe-2336.log
2015-01-18 11:30 - 2015-01-18 11:30 - 00000197 _____ () C:\Windows\system32\2015-01-18-10-30-38.046-AvastVBoxSVC.exe-1852.log
2015-01-18 08:14 - 2015-01-18 08:14 - 00000197 _____ () C:\Windows\system32\2015-01-18-07-14-10.066-AvastVBoxSVC.exe-2904.log
2015-01-17 20:46 - 2015-01-17 20:46 - 00000247 _____ () C:\Windows\system32\2015-01-17-19-46-26.045-aswFe.exe-1068.log
2015-01-17 20:42 - 2015-01-17 20:46 - 00000247 _____ () C:\Windows\system32\2015-01-17-19-42-13.075-aswFe.exe-672.log
2015-01-17 16:38 - 2015-01-17 16:38 - 00000197 _____ () C:\Windows\system32\2015-01-17-15-38-21.056-AvastVBoxSVC.exe-2152.log
2015-01-17 15:57 - 2015-01-17 15:57 - 00000197 _____ () C:\Windows\system32\2015-01-17-14-57-41.090-AvastVBoxSVC.exe-356.log
2015-01-17 14:32 - 2015-01-17 14:33 - 00000197 _____ () C:\Windows\system32\2015-01-17-13-32-49.027-AvastVBoxSVC.exe-2784.log
2015-01-17 12:00 - 2015-01-17 12:00 - 00000197 _____ () C:\Windows\system32\2015-01-17-11-00-16.009-AvastVBoxSVC.exe-2364.log
2015-01-17 08:03 - 2015-01-17 08:03 - 00000197 _____ () C:\Windows\system32\2015-01-17-07-03-46.085-AvastVBoxSVC.exe-2076.log
2015-01-16 19:52 - 2015-01-16 19:52 - 00000197 _____ () C:\Windows\system32\2015-01-16-18-52-38.036-AvastVBoxSVC.exe-2128.log
2015-01-16 18:45 - 2015-01-16 18:45 - 00000197 _____ () C:\Windows\system32\2015-01-16-17-45-40.013-AvastVBoxSVC.exe-2488.log
2015-01-16 15:31 - 2015-01-16 15:31 - 00000197 _____ () C:\Windows\system32\2015-01-16-14-31-39.064-AvastVBoxSVC.exe-2172.log
2015-01-16 12:27 - 2015-01-16 12:27 - 00000197 _____ () C:\Windows\system32\2015-01-16-11-27-24.068-AvastVBoxSVC.exe-2052.log
2015-01-16 07:08 - 2015-01-16 07:08 - 00000197 _____ () C:\Windows\system32\2015-01-16-06-08-48.021-AvastVBoxSVC.exe-2364.log
2015-01-16 04:23 - 2015-01-16 04:23 - 00000197 _____ () C:\Windows\system32\2015-01-16-03-23-22.040-AvastVBoxSVC.exe-2296.log
2015-01-16 02:58 - 2015-01-16 02:58 - 00000197 _____ () C:\Windows\system32\2015-01-16-01-58-00.056-AvastVBoxSVC.exe-2736.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-15 22:45 - 2014-10-02 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-15 22:42 - 2014-10-01 17:25 - 01962172 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 22:38 - 2014-10-01 21:22 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 22:38 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 22:37 - 2014-09-23 22:51 - 00000000 ____D () C:\AdwCleaner
2015-02-15 22:17 - 2009-07-14 05:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 22:17 - 2009-07-14 05:34 - 00023168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-14 01:52 - 2014-10-01 17:37 - 00000000 ____D () C:\Users\Heinz-Willi
2015-02-14 00:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2015-02-13 21:03 - 2014-10-01 17:39 - 00000000 ____D () C:\Users\Admin
2015-02-13 20:49 - 2014-11-12 00:26 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-02-13 02:18 - 2014-10-13 22:32 - 00000000 ___RD () C:\Users\Heinz-Willi\Documents\HP Melsbach neu
2015-02-12 15:04 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-12 12:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-11 19:54 - 2009-07-14 05:33 - 00433048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 19:52 - 2014-12-11 10:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 19:52 - 2014-10-02 12:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 19:52 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2015-02-11 18:13 - 2014-10-15 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 18:07 - 2014-10-23 14:01 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 14:12 - 2014-10-01 17:50 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 14:12 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2015-02-11 02:18 - 2014-10-03 22:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-02-09 13:28 - 2014-10-01 23:10 - 00000000 ___RD () C:\Users\Heinz-Willi\Documents\HP Melsbach
2015-02-05 20:45 - 2014-10-02 18:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-05 20:45 - 2014-10-02 18:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-05 16:06 - 2014-10-01 21:22 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 23:12 - 2014-07-20 15:28 - 00000000 ____D () C:\Users\Heinz-Willi\Desktop\Homepage Schalke
2015-01-29 17:09 - 2014-10-14 21:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-27 06:07 - 2014-10-01 17:39 - 01591896 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 02:56 - 2014-10-23 17:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-26 16:25 - 2014-11-05 20:55 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-26 16:25 - 2014-11-05 20:54 - 00000000 ____D () C:\Program Files\Java
2015-01-26 16:24 - 2014-12-04 18:01 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-26 02:54 - 2014-10-02 02:42 - 00000000 ____D () C:\Users\Heinz-Willi\AppData\Local\Microsoft Games
2015-01-24 03:45 - 2009-07-14 05:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-19 01:01 - 2014-10-01 21:11 - 00000000 ____D () C:\Users\Heinz-Willi\Desktop\Sicherheitsprogramme
2015-01-19 00:18 - 2014-11-06 01:33 - 00000000 ____D () C:\Users\Admin\Downloads\backups
2015-01-19 00:11 - 2014-11-05 22:26 - 00000000 ____D () C:\ProgramData\ddc24aa9-6c5d-44d0-8c40-9bed83bb2ab7
2015-01-19 00:00 - 2014-11-07 17:19 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-18 23:59 - 2014-11-07 17:18 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2015-01-18 02:39 - 2014-11-02 02:18 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\50plus
2015-01-16 14:12 - 2014-11-26 23:49 - 00000000 ____D () C:\Users\Heinz-Willi\Documents\Computer Bild
==================== Files in the root of some directories =======
2014-10-04 01:58 - 2014-10-04 01:58 - 0000045 _____ () C:\Users\Admin\AppData\Roaming\WB.CFG
2014-10-25 18:21 - 2014-11-13 23:18 - 0007602 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-02-11 02:20 - 2015-02-11 02:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
C:\Users\Heinz-Willi\AppData\Local\Temp\jre-8u31-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 00:57
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-02-2015
Ran by Admin at 2015-02-15 22:46:23
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (HKLM\...\4 Elements II_is1) (Version: 1.0 - MyPlayCity, Inc.)
7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ahnenblatt 2.85 (HKLM\...\Ahnenblatt_is1) (Version: 2.85.0.1 - Dirk Böttcher)
Amazing Pyramids (HKLM\...\Amazing Pyramids_is1) (Version: 1.0 - MyPlayCity, Inc.)
Anka (HKLM\...\Anka_is1) (Version: 1.0 - MyPlayCity, Inc.)
Astro Avenger 2 (HKLM\...\Astro Avenger 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Atlantis Quest (HKLM\...\Atlantis Quest_is1) (Version: 1.0 - MyPlayCity, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bato (HKLM\...\Bato_is1) (Version: 1.0 - MyPlayCity, Inc.)
Beetle Bug 3 (HKLM\...\Beetle Bug 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Boulder Crash version 1.0 (HKLM\...\{3359B4FC-E557-451E-AB7F-982197E5454D}}_is1) (Version: 1.0 - Aleksey Taranov)
Brickshooter Egypt (HKLM\...\Brickshooter Egypt_is1) (Version: 1.0 - MyPlayCity, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Christmas Griddlers (HKLM\...\Christmas Griddlers_is1) (Version: 1.0 - MyPlayCity, Inc.)
Clutter II - He Said, She Said (HKLM\...\Clutter II - He Said, She Said_is1) (Version: 1.0 - MyPlayCity, Inc.)
Cradle of Rome (HKLM\...\Cradle of Rome_is1) (Version: 1.0 - MyPlayCity, Inc.)
EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version: - EaseUS)
Farm Frenzy - Gone Fishing (HKLM\...\Farm Frenzy - Gone Fishing_is1) (Version: 1.0 - MyPlayCity, Inc.)
Free QuizMaker 6 (HKLM\...\{2291F7F8-69DD-4B4F-B843-BA5B57999918}) (Version: 6.2.0 - iSpring Solutions Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Griddlers - Ted and PET (HKLM\...\Griddlers - Ted and PET_is1) (Version: 1.0 - MyPlayCity, Inc.)
Incredi Basketball (HKLM\...\Incredi Basketball_is1) (Version: 1.0 - MyPlayCity, Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Quest II (HKLM\...\Jewel Quest II_is1) (Version: 1.0 - MyPlayCity, Inc.)
Jurassic Mahjong (HKLM\...\Jurassic Mahjong_is1) (Version: 1.0 - MyPlayCity, Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Olympus Griddlers (HKLM\...\Olympus Griddlers_is1) (Version: 1.0 - MyPlayCity, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Price Meter (remove only) (HKU\S-1-5-21-724745677-1146776812-3954023175-1003\...\Price Meter) (Version: 1.0.5.8 - Price Meter) <==== ATTENTION
Rainbow Web 2 (HKLM\...\Rainbow Web 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Rise of Mythos (HKLM\...\Rise of Mythos_is1) (Version: 1.0 - MyPlayCity, Inc.)
Scratch 2 Offline Editor (HKLM\...\edu.media.mit.Scratch2Editor) (Version: 428 - MIT Media Lab)
Scratch 2 Offline Editor (Version: 255 - MIT Media Lab) Hidden
Season Match - Curse of the Witch Crow (HKLM\...\Season Match - Curse of the Witch Crow_is1) (Version: 1.0 - MyPlayCity, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SlimDrivers (HKLM\...\{03E312F7-8697-4BC4-A90F-33D34EECE18C}) (Version: 2.2.44488 - SlimWare Utilities, Inc.)
Snowy - Treasure Hunter 3 (HKLM\...\Snowy - Treasure Hunter 3_is1) (Version: 1.0 - MyPlayCity, Inc.)
Star Defender 4 (HKLM\...\Star Defender 4_is1) (Version: 1.0 - MyPlayCity, Inc.)
Turtix (HKLM\...\Turtix_is1) (Version: 1.0 - MyPlayCity, Inc.)
Woolies Adventure (HKLM\...\Woolies Adventure_is1) (Version: - My Real Games Ltd)
ZOODomino (HKLM\...\ZOODomino_is1) (Version: 1.0 - MyPlayCity, Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-10-2014 10:47:37 Windows Update
31-10-2014 17:20:00 Windows Update
05-11-2014 00:18:36 Windows Update
05-11-2014 20:54:20 Installed Java 7 Update 65
05-11-2014 20:56:53 Installed Java 7 Update 71
06-11-2014 01:00:39 Wiederherstellungsvorgang
06-11-2014 01:04:57 avast! antivirus system restore point
06-11-2014 01:09:45 Windows Update
06-11-2014 01:40:45 Wiederherstellungsvorgang
06-11-2014 01:46:12 avast! antivirus system restore point
06-11-2014 01:53:40 Windows Update
07-11-2014 01:11:05 avast! antivirus system restore point
11-11-2014 12:54:22 Windows Update
12-11-2014 14:01:15 Windows Update
18-11-2014 13:37:54 Windows Update
19-11-2014 22:15:48 Windows Update
26-11-2014 01:10:45 Windows Update
01-12-2014 17:23:14 Installed PDF Architect 2 View Module
01-12-2014 17:26:07 Installed PDF Architect 2 Create Module
01-12-2014 17:26:46 Installed PDF Architect 2 Edit Module
02-12-2014 11:59:07 Windows Update
02-12-2014 20:35:22 avast! antivirus system restore point
09-12-2014 13:07:57 Windows Update
11-12-2014 01:47:12 Windows Update
12-12-2014 13:49:21 Windows Update
16-12-2014 13:30:39 Windows Update
18-12-2014 09:40:48 Windows Update
23-12-2014 15:53:27 Windows Update
30-12-2014 19:05:50 Windows Update
06-01-2015 12:31:28 Installed Free QuizMaker 6
07-01-2015 05:09:38 Windows Update
14-01-2015 14:23:42 Windows Update
14-01-2015 16:07:53 Windows Update
21-01-2015 00:55:40 Windows Update
27-01-2015 06:04:46 Windows Update
30-01-2015 06:45:32 Windows Update
03-02-2015 12:25:49 Windows Update
10-02-2015 16:15:05 Windows Update
11-02-2015 02:10:45 SlimDrivers Installing Drivers
11-02-2015 02:18:33 Installiert Realtek High Definition Audio Driver
11-02-2015 14:08:29 Windows Update
11-02-2015 18:04:08 Windows Update
12-02-2015 12:58:09 Windows Update
13-02-2015 14:58:09 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {082B5570-B352-4ECE-94C3-87F2BB3454E7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-02] (AVAST Software)
Task: {1C2909C0-F928-45F3-BA10-EBBCFA4C64C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {295FAE4D-E655-4463-A321-BCA55C1A3358} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {372C5B6A-413F-43F3-B98E-2E434DF79F0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-01] (Google Inc.)
Task: {8769188A-A63F-4BF6-B290-6780126E6D4C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-724745677-1146776812-3954023175-1003
Task: {961FE649-9EDA-44F9-856D-F659877F87E5} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2015-01-28] (SlimWare Utilities, Inc.)
Task: {A8366623-BF2B-40AA-9E17-D2943A3531C7} - System32\Tasks\Games\UpdateCheck_S-1-5-21-724745677-1146776812-3954023175-1001
Task: {AD7FD6F1-7B4E-49D3-AF53-315BAD5937A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {B522E709-7B3B-4906-8E6F-20BA8CDF211A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {E43D581A-CAFD-445C-81FE-A04FE2CD81A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-01] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe
==================== Loaded Modules (whitelisted) ==============
2015-02-15 22:09 - 2015-02-15 22:09 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15021501\algo.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 02151544 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxVMM.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 00021488 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxREM.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 04474224 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-12-02 20:36 - 2014-12-02 20:36 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-02 20:35 - 2014-12-02 20:35 - 00317632 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-724745677-1146776812-3954023175-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Admin (S-1-5-21-724745677-1146776812-3954023175-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-724745677-1146776812-3954023175-500 - Administrator - Disabled)
Gast (S-1-5-21-724745677-1146776812-3954023175-501 - Limited - Disabled)
Heinz-Willi (S-1-5-21-724745677-1146776812-3954023175-1001 - Limited - Enabled) => C:\Users\Heinz-Willi
HomeGroupUser$ (S-1-5-21-724745677-1146776812-3954023175-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-10-23 14:43:25.746
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.371
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.200
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:25.013
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.841
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.654
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.467
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.279
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-23 14:43:24.077
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptsp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) Dual Core Processor 5050e
Percentage of memory in use: 31%
Total physical RAM: 2815.18 MB
Available physical RAM: 1941.5 MB
Total Pagefile: 5628.65 MB
Available Pagefile: 4698.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.39 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:290.78 GB) (Free:117.32 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Eigene Dateien) (Fixed) (Total:53.71 GB) (Free:52.22 GB) NTFS
Drive e: (Sonstige Programme) (Fixed) (Total:102.54 GB) (Free:94.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 528861D1)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=27)
Partition 2: (Active) - (Size=290.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=53.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
15.02.2015, 23:52
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Zunehmende Verzögerung im Seitenaufbau mit Firefox Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.02.2015, 01:00
| #11 |
| | Zunehmende Verzögerung im Seitenaufbau mit Firefox Erledigt, 1 x Price Meter gelöscht. Reste hatte er keine gefunden. Noch etwas oder "sind wir durch?" |
|
| Themen zu Zunehmende Verzögerung im Seitenaufbau mit Firefox |
| adware, antivirus, browser, böttcher, ccsetup, computer, desktop, firefox, fishing, flash player, helper, hijack, hijackthis, hkus\s-1-5-18, homepage, iexplore.exe, installation, internet, langsam, logfile, mozilla, realtek, registry, scan, security, senden, software, system, teredo, windows |
dann auf 
und dann auf 
. 
Linear-Darstellung
