Win 7 läuft bei Shockwave immer langsamer und hängt sich auf

whitewolf229 · 12.07.2015, 07:12

Hallo,
ich habe das Problem das mein Laptop relativ schnell ( Minuten) bei Shockwave immer langsamer wird ( CPU 100% ) und irgendwann garnichts mehr läuft.
Ich hab mal nach der hier ausgeschrieben Anleitung die Scans durchgeführt und angehängt, evtl. sieht man ja schon als Profi wo der Hase im Pfeffer liegt bevor ich hier gross rumtexte.
(Das sieht alles sehr viel aus... wer soll denn das alles lesen, oder hab ich da was falsch gemacht..??

...)

Defogger hab ich auch gemacht ( als Admin) , kam aber keinerlei Meldung, finished und sonst nichts.

gmer musste ich leider zippen, hoffe das war richtig so. Ich habs sonst nicht gepostet bekommen...

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:11-07-2015
Ran by whitewolf (administrator) on WHITEWOLF-PC on 12-07-2015 06:55:43
Running from C:\Users\whitewolf\Downloads
Loaded Profiles: whitewolf (Available Profiles: whitewolf)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
() C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Kingsoft Corporation) C:\Program Files (x86)\cmcm\Clean Master\cmtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Hamsin Software) C:\Users\whitewolf\Downloads\hclock\HamsinClock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [358424 2009-08-04] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [cmsc] => c:\program files (x86)\cmcm\Clean Master\cmtray.exe [771912 2015-06-06] (Kingsoft Corporation)
HKU\S-1-5-21-1560947176-2388760501-450519584-1000\...\Run: [psvClock] => C:\Users\whitewolf\Downloads\hclock\HamsinClock.exe [143360 2002-11-05] (Hamsin Software)
HKU\S-1-5-21-1560947176-2388760501-450519584-1000\...\MountPoints2: {4405f103-69ad-11e4-bbcf-806e6f6e6963} - D:\setup.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-12-15]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-02] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1560947176-2388760501-450519584-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
HKU\S-1-5-21-1560947176-2388760501-450519584-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-14] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-14] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
DPF: HKLM-x32 {3A5EF8E2-34B2-4B01-962B-FF430245CCA4} hxxp://192.168.1.5/IPCamPluginDM.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5F840C41-0BD2-4ABD-92EC-3CE01C15D6FF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68AA9DD2-7641-4CA1-A75F-CCAA7332059B}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{877A2DFB-9141-4129-940E-4A70BF70BE3B}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\whitewolf\AppData\Roaming\Mozilla\Firefox\Profiles\sixtmrqz.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-08] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1560947176-2388760501-450519584-1000: @phonostar.de/Schlagerparadies-Player -> C:\Program Files (x86)\Schlagerparadies-Player\npphonostarDetectNP.dll No File
FF Extension: BlackFox V2 - C:\Users\whitewolf\AppData\Roaming\Mozilla\Firefox\Profiles\sixtmrqz.default\Extensions\zigboom@hotmail.com [2015-07-12]
FF Extension: Bloody Red - C:\Users\whitewolf\AppData\Roaming\Mozilla\Firefox\Profiles\sixtmrqz.default\Extensions\{2458abc0-f443-11dd-87af-0800200c9a66} [2015-07-08]
FF Extension: Adblock Edge - C:\Users\whitewolf\AppData\Roaming\Mozilla\Firefox\Profiles\sixtmrqz.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-12-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-05]

Chrome: 
=======
CHR Profile: C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-04]
CHR Extension: (Google Docs) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-04]
CHR Extension: (Google Drive) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-04]
CHR Extension: (YouTube) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-04]
CHR Extension: (Facebook Secret Emoticons) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2014-12-04]
CHR Extension: (Google Search) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-04]
CHR Extension: (Avast SafePrice) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-25]
CHR Extension: (Google Sheets) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-04]
CHR Extension: (Avast Online Security) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-25]
CHR Extension: (IE Tab) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Red & Black Delux Aero Theme) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lopgdagfanplmnhlokfceaihadefafic [2014-12-04]
CHR Extension: (Google Wallet) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-04]
CHR Extension: (Video Cutter) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2015-02-28]
CHR Extension: (Gmail) - C:\Users\whitewolf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-02] (Avast Software s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 cmcore; c:\program files (x86)\cmcm\Clean Master\cmcore.exe [315208 2015-06-06] (Kingsoft Corporation)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2009-08-04] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2694432 2014-08-04] ()
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2009-08-04] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-02] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-02] ()
R3 d554gps; C:\Windows\System32\DRIVERS\d554gps64.sys [96296 2009-07-10] (Ericsson AB)
R3 d557bus; C:\Windows\System32\DRIVERS\d557bus.sys [328704 2009-06-29] (MCCI Corporation)
R3 d557mdfl; C:\Windows\System32\DRIVERS\d557mdfl.sys [19456 2009-06-29] (MCCI Corporation)
R3 d557mdm; C:\Windows\System32\DRIVERS\d557mdm.sys [432128 2009-06-29] (MCCI Corporation)
R3 d557mgmt; C:\Windows\System32\DRIVERS\d557mgmt.sys [376320 2009-06-29] (MCCI Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [12800 2009-09-22] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [17408 2009-09-22] (Ericsson AB)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-05] (Intel Corporation)
R3 ksapi64; C:\Windows\system32\drivers\ksapi64.sys [56680 2015-06-06] (Kingsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 msvad_simple; C:\Windows\System32\drivers\ProfoundSound.sys [35104 2012-09-25] ()
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2012-01-05] ()
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [76288 2009-09-24] (REDC)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31400 2014-12-23] (Synaptics Incorporated)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1828736 2009-03-13] ()
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [255016 2009-09-22] (Ericsson AB)
R3 ALSysIO; \??\C:\Users\WHITEW~1\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 06:22 - 2015-07-12 06:22 - 00026568 _____ C:\Users\whitewolf\Downloads\Addition.txt
2015-07-12 06:21 - 2015-07-12 06:55 - 00016262 _____ C:\Users\whitewolf\Downloads\FRST.txt
2015-07-12 06:21 - 2015-07-12 06:55 - 00000000 ____D C:\FRST
2015-07-12 06:20 - 2015-07-12 06:20 - 02130944 _____ (Farbar) C:\Users\whitewolf\Downloads\FRST64.exe
2015-07-12 06:13 - 2015-07-12 06:13 - 00064024 _____ C:\Users\whitewolf\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-11 20:11 - 2015-07-11 20:38 - 00000000 ____D C:\Windows\Minidump
2015-07-11 18:10 - 2015-07-11 18:10 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-07-11 13:16 - 2015-07-11 20:37 - 00000000 ____D C:\Program Files\Hear
2015-07-11 13:16 - 2015-07-11 13:16 - 00000000 ____D C:\Users\whitewolf\Downloads\Hear_Win_1.1.1
2015-07-11 13:16 - 2012-01-05 15:08 - 00046728 _____ C:\Windows\system32\Drivers\ren2cap.sys
2015-07-11 07:17 - 2015-07-11 07:46 - 00005120 _____ C:\Users\whitewolf\AppData\Local\file__0.localstorage
2015-07-09 04:59 - 2015-07-09 05:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-08 18:53 - 2015-07-08 18:53 - 00000000 ____D C:\Users\whitewolf\AppData\Local\Macromedia
2015-07-08 04:37 - 2015-07-08 05:28 - 1242231136 _____ C:\Users\whitewolf\Downloads\Contact_15.07.05_20-15_rtl2_175_TVOON_DE.mpg.HQ.cut.mp4
2015-07-07 05:06 - 2015-07-07 05:06 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-07-07 05:01 - 2015-07-07 05:02 - 13832160 _____ (Adobe Systems Inc.) C:\Users\whitewolf\Downloads\15526_Shockwave_Installer_Full.exe
2015-07-07 04:50 - 2015-07-07 04:50 - 00089525 _____ C:\Users\whitewolf\Downloads\dir (1).dcr
2015-07-06 21:54 - 2015-07-06 21:54 - 00089525 _____ C:\Users\whitewolf\Downloads\dir.dcr
2015-07-05 18:02 - 2015-07-05 18:02 - 00028904 _____ C:\Users\whitewolf\Documents\cc_20150705_180153.reg
2015-07-05 17:57 - 2015-07-06 05:08 - 00000000 ____D C:\Program Files\CCleaner
2015-07-05 17:55 - 2015-07-05 17:56 - 05329360 _____ (Piriform Ltd) C:\Users\whitewolf\Downloads\ccsetup507_slim.exe
2015-07-05 17:52 - 2015-07-05 17:52 - 00000000 ____D C:\AdwCleaner
2015-07-05 17:50 - 2015-07-05 17:50 - 00515449 _____ ( ) C:\Users\whitewolf\Downloads\jetzt_installieren.exe
2015-07-05 12:39 - 2015-07-05 13:09 - 524288000 _____ C:\Users\whitewolf\Downloads\46022fischmonster0500.part1.rar
2015-07-05 11:52 - 2015-07-05 11:53 - 23330176 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part7.rar
2015-07-05 10:09 - 2015-07-05 10:09 - 00035090 _____ C:\Users\whitewolf\AppData\Local\recently-used.xbel
2015-07-05 09:49 - 2015-07-05 10:00 - 209715200 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part6.rar
2015-07-05 06:55 - 2015-07-05 07:07 - 209715200 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part5.rar
2015-07-04 22:37 - 2015-07-04 22:49 - 209715200 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part4.rar
2015-07-04 22:16 - 2015-07-04 22:17 - 00000000 ____D C:\Users\whitewolf\Documents\Webinar BridgeSplit und Float Sintern
2015-07-04 18:46 - 2015-07-04 18:46 - 00000081 _____ C:\Users\whitewolf\Desktop\Hotmixradio 80 - La Radio Années 80 du bouquet de webradios Hotmixradio.fr.url
2015-07-04 10:50 - 2015-07-04 11:01 - 209715200 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part3.rar
2015-07-04 08:33 - 2015-07-04 08:45 - 209715200 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part2.rar
2015-07-04 07:24 - 2015-07-04 07:35 - 209715200 _____ C:\Users\whitewolf\Downloads\3625582141745152857.part1.rar
2015-07-03 04:09 - 2015-07-03 04:09 - 00001139 _____ C:\Users\whitewolf\Desktop\Dokumente - Verknüpfung.lnk
2015-07-02 08:18 - 2015-07-02 08:18 - 147872048 ____N C:\Users\whitewolf\Documents\Webinar BridgeSplit und Float Sintern.zip
2015-07-02 04:00 - 2015-07-02 04:29 - 638146159 _____ C:\Users\whitewolf\Downloads\Der_Knochenjaeger_15.06.27_22-10_zdfneo_110_TVOON_DE.mpg.HQ.cut.mp4
2015-07-01 04:35 - 2015-07-01 05:01 - 648637959 _____ C:\Users\whitewolf\Downloads\Gosford_Park_15.06.29_23-15_ndr_130_TVOON_DE.mpg.HQ.cut.mp4
2015-06-30 05:04 - 2015-06-30 05:30 - 636843666 _____ C:\Users\whitewolf\Downloads\Resident_Evil__Retribution_15.06.28_22-10_pro7_110_TVOON_DE.mpg.HQ.cut.mp4
2015-06-28 06:00 - 2015-06-28 06:22 - 407531927 _____ C:\Users\whitewolf\Downloads\Der_Samariter_Toedliches_Finale_15.06.20_22-05_ardeinsfestival_90_TVOON_DE.mpg.HQ.cut.mp4
2015-06-27 05:35 - 2015-06-27 06:30 - 1392564366 _____ C:\Users\whitewolf\Downloads\Batman_15.06.25_20-15_kabel1_170_TVOON_DE.mpg.HQ.avi
2015-06-26 06:55 - 2015-06-26 07:55 - 1197537768 _____ C:\Users\whitewolf\Downloads\End_of_Watch_15.06.23_22-05_pro7maxx_125_TVOON_DE.mpg.HQ.avi
2015-06-25 09:53 - 2015-06-25 09:56 - 00000000 ____D C:\Users\whitewolf\Downloads\mdm-madmax2-xvida
2015-06-25 01:25 - 2015-06-25 01:25 - 00000000 ____D C:\Users\whitewolf\Downloads\VA-Ultimate_80s-4CD-2015-ONe
2015-06-25 00:17 - 2015-06-25 00:17 - 00000708 _____ C:\Users\whitewolf\Downloads\Setup                         .website
2015-06-24 07:46 - 2015-06-24 07:46 - 00000000 ____D C:\Users\whitewolf\Downloads\4587123256985
2015-06-23 20:15 - 2015-06-23 20:15 - 00001401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictation Pro 1.0.lnk
2015-06-23 20:15 - 2015-06-23 20:15 - 00001389 _____ C:\Users\Public\Desktop\Dictation Pro 1.0.lnk
2015-06-23 20:15 - 2015-06-23 20:15 - 00000000 ____D C:\Users\whitewolf\AppData\Local\Spoon
2015-06-23 20:15 - 2015-06-23 20:15 - 00000000 ____D C:\Users\whitewolf\AppData\Local\IsolatedStorage
2015-06-23 20:15 - 2015-06-23 20:15 - 00000000 ____D C:\Users\whitewolf\AppData\Local\DeskShare Data
2015-06-23 20:15 - 2015-06-23 20:15 - 00000000 ____D C:\ProgramData\Deskshare
2015-06-23 20:15 - 2015-06-23 20:15 - 00000000 ____D C:\Program Files (x86)\Deskshare
2015-06-23 20:14 - 2015-06-23 20:14 - 09860680 _____ (DeskShare Inc. ) C:\Users\whitewolf\Downloads\DictationPro.exe
2015-06-23 05:07 - 2015-06-23 05:37 - 699326365 _____ C:\Users\whitewolf\Downloads\Ice_Age_4_Voll_verschoben_15.06.21_20-15_pro7_105_TVOON_DE.mpg.HQ.cut.mp4
2015-06-22 21:11 - 2015-06-22 21:11 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\dlg
2015-06-22 21:10 - 2015-06-22 21:10 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start
2015-06-22 21:10 - 2014-06-17 19:02 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.dll
2015-06-22 21:10 - 2014-06-17 19:02 - 00072704 _____ (Microsoft Corporation) C:\Windows\ST5UNST.EXE
2015-06-22 21:09 - 2015-06-22 21:10 - 20021404 _____ C:\Windows\SysWOW64\KCE_Free.exe
2015-06-22 21:07 - 2015-06-22 21:07 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\AVG
2015-06-22 21:06 - 2015-06-22 21:06 - 00000000 ____D C:\Users\whitewolf\AppData\Local\Avg
2015-06-22 21:05 - 2015-06-22 21:09 - 00000000 ____D C:\ProgramData\AVG
2015-06-22 21:03 - 2015-06-22 21:03 - 00516624 _____ ( ) C:\Users\whitewolf\Downloads\KCE_Free_CB-DL-Manager.exe
2015-06-19 02:56 - 2015-06-19 03:46 - 993302194 _____ C:\Users\whitewolf\Downloads\The_Way_Back_Der_lange_Weg_15.06.17_20-15_arte_130_TVOON_DE.mpg.HQ.avi
2015-06-17 21:09 - 2015-06-17 21:09 - 00000000 ____D C:\Users\whitewolf\Downloads\Ben_Liebrand_-_In_The_Mix-CABLE-06-14-2015-TALiON
2015-06-16 18:34 - 2015-06-16 18:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2015-06-16 18:31 - 2015-06-16 18:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2015-06-16 04:22 - 2015-06-16 04:47 - 630271790 _____ C:\Users\whitewolf\Downloads\Tatort_15.06.14_21-45_ardeinsfestival_90_TVOON_DE.mpg.HQ.cut.mp4
2015-06-14 13:34 - 2015-06-14 13:34 - 00000000 ____D C:\Users\whitewolf\Downloads\44091findest50321
2015-06-12 15:42 - 2015-06-12 15:42 - 00000000 ____D C:\Users\whitewolf\Downloads\Lone.Ranger.German.BDRiP.x264-EXQUiSiTE
2015-06-12 04:31 - 2015-06-12 04:52 - 539772178 _____ C:\Users\whitewolf\Downloads\Der_grosse_Crash_Margin_Call_15.06.10_22-15_ardeinsplus_100_TVOON_DE.mpg.HQ.cut.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 06:53 - 2014-12-04 23:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 06:21 - 2014-12-05 10:49 - 00000000 ____D C:\Users\whitewolf\AppData\Local\Thunderbird
2015-07-12 06:07 - 2009-07-14 06:45 - 00033712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 06:07 - 2009-07-14 06:45 - 00033712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 06:01 - 2014-11-11 16:18 - 01617346 _____ C:\Windows\WindowsUpdate.log
2015-07-12 06:01 - 2010-11-21 08:50 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-07-12 06:01 - 2010-11-21 08:50 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-07-12 06:01 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-12 05:55 - 2015-06-04 08:08 - 00000000 ____D C:\Program Files\Core Temp
2015-07-12 05:55 - 2014-12-04 23:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 05:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-12 00:35 - 2014-12-07 22:51 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\vlc
2015-07-11 21:30 - 2014-12-02 00:16 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\Thunderbird
2015-07-11 20:05 - 2015-05-21 12:34 - 00000000 ____D C:\Users\whitewolf\AppData\Local\CrashDumps
2015-07-11 13:21 - 2014-12-05 10:21 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-11 13:18 - 2015-05-13 19:49 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-11 07:18 - 2014-12-02 00:16 - 00000000 ____D C:\Users\whitewolf
2015-07-11 02:25 - 2014-10-01 11:05 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-10 22:15 - 2014-12-22 12:47 - 00446976 ___SH C:\Users\whitewolf\Documents\Thumbs.db
2015-07-10 04:25 - 2014-10-01 11:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 18:51 - 2015-05-30 11:08 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 18:51 - 2015-05-30 11:08 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 18:51 - 2014-12-12 01:27 - 00000000 ____D C:\Users\whitewolf\AppData\Local\Adobe
2015-07-05 23:12 - 2014-12-24 15:51 - 00000000 ____D C:\Users\whitewolf\AppData\Roaming\Skype
2015-07-05 19:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-05 18:21 - 2015-04-12 07:04 - 00000000 ____D C:\Users\whitewolf\Documents\Aufnahmen
2015-07-05 18:16 - 2015-03-29 08:03 - 00003148 _____ C:\Windows\System32\Tasks\SidebarExecute
2015-07-05 10:09 - 2014-12-10 10:34 - 00000000 ____D C:\Users\whitewolf\AppData\Local\gtk-2.0
2015-07-05 10:09 - 2014-12-10 00:06 - 00000000 ____D C:\Users\whitewolf\.gimp-2.8
2015-07-03 23:07 - 2015-01-31 07:39 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-02 12:47 - 2010-11-21 09:00 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-06-26 17:42 - 2014-12-05 10:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-24 22:38 - 2014-12-14 23:38 - 00000286 _____ C:\Windows\Tasks\DriverDoc_UPDATES.job
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-17 20:54 - 2015-03-02 19:24 - 00000000 ____D C:\Users\whitewolf\Documents\Bremsen Xsara
2015-06-13 00:25 - 2009-07-14 07:08 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-12 17:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-12 16:02 - 2015-05-06 04:34 - 00000000 __SHD C:\Users\whitewolf\AppData\Local\EmieUserList
2015-06-12 16:02 - 2015-05-06 04:34 - 00000000 __SHD C:\Users\whitewolf\AppData\Local\EmieSiteList
2015-06-12 16:02 - 2015-05-06 04:34 - 00000000 __SHD C:\Users\whitewolf\AppData\Local\EmieBrowserModeList

==================== Files in the root of some directories =======

2015-03-28 22:58 - 2015-03-28 22:58 - 0206064 _____ () C:\Program Files\All_CPU473_Meter.zip
2015-03-28 23:00 - 2015-06-04 18:03 - 0000726 _____ () C:\Users\whitewolf\AppData\Roaming\All CPU MeterV3_Settings.ini
2006-12-11 19:13 - 2006-12-11 19:13 - 0097336 _____ (Un4seen Developments) C:\Users\whitewolf\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 0013872 _____ (Un4seen Developments) C:\Users\whitewolf\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 0102912 _____ (Albert L Faber) C:\Users\whitewolf\AppData\Local\CDRip.dll
2015-07-11 07:17 - 2015-07-11 07:46 - 0005120 _____ () C:\Users\whitewolf\AppData\Local\file__0.localstorage
2007-08-13 17:46 - 2007-08-13 17:46 - 0155136 _____ () C:\Users\whitewolf\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\whitewolf\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 0029184 _____ () C:\Users\whitewolf\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0015872 _____ () C:\Users\whitewolf\AppData\Local\ogg.dll
2015-04-12 18:24 - 2015-04-12 18:30 - 0001430 _____ () C:\Users\whitewolf\AppData\Local\RecConfig.xml
2015-07-05 10:09 - 2015-07-05 10:09 - 0035090 _____ () C:\Users\whitewolf\AppData\Local\recently-used.xbel
2006-10-26 01:06 - 2006-10-26 01:06 - 0143872 _____ () C:\Users\whitewolf\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0064000 _____ () C:\Users\whitewolf\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 0019456 _____ () C:\Users\whitewolf\AppData\Local\vorbisfile.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-07 19:12

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:11-07-2015
Ran by whitewolf at 2015-07-12 06:56:07
Running from C:\Users\whitewolf\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1560947176-2388760501-450519584-500 - Administrator - Disabled)
Gast (S-1-5-21-1560947176-2388760501-450519584-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1560947176-2388760501-450519584-1002 - Limited - Enabled)
whitewolf (S-1-5-21-1560947176-2388760501-450519584-1000 - Administrator - Enabled) => C:\Users\whitewolf

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5700 - Broadcom Corporation)
Clean Master (HKLM-x32\...\Clean Master) (Version: 1.0 - Cheetah Mobile)
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.4.510611 - NNG Llc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.1.21.2 - Dell)
Dell System Detect (HKU\S-1-5-21-1560947176-2388760501-450519584-1000\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)
Dell Wireless HSPA Mini-Card Drivers (HKLM\...\{D32F6B1F-0FD0-46DA-B821-8D876070F20C}) (Version: 6.1.9.5 - Dell)
Dictation Pro (HKLM-x32\...\Dictation Pro_is1) (Version:  - Deskshare Inc.)
DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 1.52.1086.14425 - Solvusoft Corporation)
EdiView Finder v1.0.7 (HKLM-x32\...\EdiView Finder Utility_is1) (Version:  - Edimax Technology Co., Ltd.)
Eusing Free Registry Cleaner (HKLM-x32\...\Eusing Free Registry Cleaner) (Version:  - Eusing Software)
Free Spider Solitaire 2012 v3.0 (HKLM-x32\...\Free Spider_is1) (Version:  - TreeCardGames)
Free Video Editor version 1.4.11.219 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.11.219 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Integrated Webcam (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52000.8 - Sonix)
Integrated Webcam Driver (1.08.01.0129)   (HKLM\...\Creative OA001) (Version: 1.08.01.0129 - Creative Technology Ltd.)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.3 - Intel)
Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version:  - Intel Corporation)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 7 Update 72 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170720}) (Version: 1.7.0.720 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
LingoPad 2.5.1 (Build 325) (HKLM-x32\...\LingoPad_is1) (Version: 2.5.1 - Lingo4you GbR)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
NVIDIA Grafiktreiber 340.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.66 - NVIDIA Corporation)
NVIDIA nView 141.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.24 - NVIDIA Corporation)
NVIDIA Update 15.3.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 15.3.33 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1560947176-2388760501-450519584-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\SYSTEM32\mscoree.dll (Microsoft Corporation)

==================== Restore Points =========================

07-07-2015 16:40:49 Windows Update
10-07-2015 21:19:08 Windows Update
11-07-2015 07:12:11 Installed ProfoundSound Audio.
11-07-2015 13:17:09 Gerätetreiber-Paketinstallation: Prosoft Audio-, Video- und Gamecontroller
11-07-2015 13:18:14 Removed ProfoundSound Audio.

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13DC8449-7CCC-4C3F-98A2-40788806B7E1} - System32\Tasks\Core Temp Autostart whitewolf => C:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {168E3E18-830F-4B33-ADA6-1AF2526C0577} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-04] (Google Inc.)
Task: {4B09A3C3-A25F-4332-8974-4460845BEB09} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-11] (PC-Doctor, Inc.)
Task: {6BB2D56C-34F3-420A-BE4B-E87B48691C97} - System32\Tasks\DriverDoc_UPDATES => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe [2012-10-05] (Solvusoft Corporation)
Task: {972856D8-A2EC-4DA2-B02C-219C39B1A10D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {CD5A22E0-E812-4166-9159-A81C50C4F2DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-04] (Google Inc.)
Task: {D95D07B9-853C-47D2-8CDD-8B919BF34E10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\DriverDoc_UPDATES.job => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-11-11 16:35 - 2014-08-04 21:17 - 02694432 _____ () C:\Windows\system32\nvwmi64.exe
2014-11-11 16:31 - 2014-08-04 19:57 - 00118728 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-04 08:08 - 2013-10-08 13:23 - 00890016 _____ () C:\Program Files\Core Temp\Core Temp.exe
2015-03-28 22:59 - 2015-03-28 22:59 - 00012520 _____ () C:\Users\whitewolf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2015-03-28 22:59 - 2015-03-28 22:59 - 00015080 _____ () C:\Users\whitewolf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2015-03-28 22:59 - 2015-03-28 22:59 - 00014056 _____ () C:\Users\whitewolf\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2015-05-02 05:42 - 2015-05-02 05:42 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-02 05:42 - 2015-05-02 05:42 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-11 19:00 - 2015-07-11 19:00 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071101\algo.dll
2015-03-18 05:04 - 2015-03-18 05:04 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-20 08:16 - 2015-05-20 08:16 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-05-20 08:16 - 2015-05-20 08:16 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-05-20 08:16 - 2015-05-20 08:16 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2015-07-08 18:51 - 2015-07-08 18:51 - 17418416 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\whitewolf:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\whitewolf\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\whitewolf\Cookies:gs5sys
AlternateDataStreams: C:\Users\whitewolf\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\whitewolf\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\whitewolf\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\whitewolf\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\whitewolf\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\whitewolf\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\whitewolf\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\whitewolf\Documents\desktop.ini:gs5sys

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1560947176-2388760501-450519584-1000\...\dell.com -> dell.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1560947176-2388760501-450519584-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\whitewolf\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{5FE8A2F6-2281-485F-AF04-6372ABAB39F2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D9A0591B-A451-4A39-BAE3-EC5ED7D37492}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1AB53EB6-1E2D-4F75-890A-8DF607618A5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{250D6A81-0F98-4C71-AE31-2793CFFD6247}C:\program files (x86)\internet camera\ediview finder\admin.exe] => (Allow) C:\program files (x86)\internet camera\ediview finder\admin.exe
FirewallRules: [UDP Query User{16AC6110-1AFC-461A-84EB-035C28223A6F}C:\program files (x86)\internet camera\ediview finder\admin.exe] => (Allow) C:\program files (x86)\internet camera\ediview finder\admin.exe
FirewallRules: [{D4F54300-2CD2-4846-8D1C-ADED3F3E6F99}] => (Allow) LPort=21
FirewallRules: [{31758C91-1ECB-4F48-9FD0-6CABE3EA1F7E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2015 05:55:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:32:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:32:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/11/2015 08:12:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/11/2015 08:12:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/11/2015 08:12:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 01:36:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hear.exe, Version: 0.0.0.0, Zeitstempel: 0x4f036731
Name des fehlerhaften Moduls: Hear.exe, Version: 0.0.0.0, Zeitstempel: 0x4f036731
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000137900
ID des fehlerhaften Prozesses: 0x1764
Startzeit der fehlerhaften Anwendung: 0xHear.exe0
Pfad der fehlerhaften Anwendung: Hear.exe1
Pfad des fehlerhaften Moduls: Hear.exe2
Berichtskennung: Hear.exe3

Error: (07/11/2015 01:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hear.exe, Version: 0.0.0.0, Zeitstempel: 0x4f036731
Name des fehlerhaften Moduls: Hear.exe, Version: 0.0.0.0, Zeitstempel: 0x4f036731
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000137900
ID des fehlerhaften Prozesses: 0x1234
Startzeit der fehlerhaften Anwendung: 0xHear.exe0
Pfad der fehlerhaften Anwendung: Hear.exe1
Pfad des fehlerhaften Moduls: Hear.exe2
Berichtskennung: Hear.exe3

Error: (07/11/2015 01:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hear.exe, Version: 0.0.0.0, Zeitstempel: 0x4f036731
Name des fehlerhaften Moduls: Hear.exe, Version: 0.0.0.0, Zeitstempel: 0x4f036731
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000137900
ID des fehlerhaften Prozesses: 0xd50
Startzeit der fehlerhaften Anwendung: 0xHear.exe0
Pfad der fehlerhaften Anwendung: Hear.exe1
Pfad des fehlerhaften Moduls: Hear.exe2
Berichtskennung: Hear.exe3

Error: (07/11/2015 01:21:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/11/2015 08:34:01 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/11/2015 08:11:32 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000d1 (0xfffff8800d58e370, 0x0000000000000002, 0x0000000000000000, 0xfffff88004e2beac)C:\Windows\MEMORY.DMP071115-36894-01

Error: (07/11/2015 08:11:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 20:08:11 unerwartet heruntergefahren.

Error: (07/11/2015 06:09:54 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/11/2015 01:22:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (07/11/2015 12:58:59 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/11/2015 08:37:29 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/10/2015 09:05:40 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (07/07/2015 10:28:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst UxSms erreicht.

Error: (07/07/2015 09:25:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎07.‎2015 um 21:19:54 unerwartet heruntergefahren.


Microsoft Office:
=========================
Error: (07/12/2015 05:55:08 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:32:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:32:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe

Error: (07/11/2015 08:12:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe

Error: (07/11/2015 08:12:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\UNAV\Content Manager\ContentManager.exe

Error: (07/11/2015 08:12:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 01:36:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hear.exe0.0.0.04f036731Hear.exe0.0.0.04f036731c00000050000000000137900176401d0bbcd9111a284C:\Program Files\Hear\Hear.exeC:\Program Files\Hear\Hear.exe1e13a09d-27c1-11e5-b711-028037ec0200

Error: (07/11/2015 01:31:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hear.exe0.0.0.04f036731Hear.exe0.0.0.04f036731c00000050000000000137900123401d0bbcc85271247C:\Program Files\Hear\Hear.exeC:\Program Files\Hear\Hear.exe5965daef-27c0-11e5-b711-028037ec0200

Error: (07/11/2015 01:26:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hear.exe0.0.0.04f036731Hear.exe0.0.0.04f036731c00000050000000000137900d5001d0bbcbb0136165C:\Program Files\Hear\Hear.exeC:\Program Files\Hear\Hear.exeb11a70e1-27bf-11e5-b711-028037ec0200

Error: (07/11/2015 01:21:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P9700 @ 2.80GHz
Percentage of memory in use: 52%
Total physical RAM: 4019.91 MB
Available physical RAM: 1904.05 MB
Total Virtual: 8038.03 MB
Available Virtual: 5384.01 MB

==================== Drives ================================

Drive c: (Windows 7 Professional) (Fixed) (Total:232.88 GB) (Free:44.59 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (GSP1RMCULXFREO_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: C93A3282)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

Viele Gruße an alle Cracks die sich hier den Sonntag um die Ohren hauen um Laien aufs Fahrad zu helfen.
Danke schonmal fürs lesen.
Whitew.

schrauber · 12.07.2015, 07:28

Hi,

Logs bitte immer in codetags in den Thread posten

whitewolf229 · 12.07.2015, 08:22

Hab ich auch versucht, FRST ist doch in codetag eingebunden ?
gmer war irgendwie zu gross dafür.. hm...??
Daher hab ich es nach mehreren Fehlversuchen gezippt.
Was nun?
Gruß

schrauber · 12.07.2015, 16:07

Log aufteilen und in Stücken posten, in mehreren Antworten

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

12.07.2015, 07:28	#2
schrauber /// the machine /// TB-Ausbilder	Win 7 läuft bei Shockwave immer langsamer und hängt sich auf Hi, Logs bitte immer in codetags in den Thread posten __________________ __________________

Win 7 läuft bei Shockwave immer langsamer und hängt sich auf

Log-Analyse und Auswertung: Win 7 läuft bei Shockwave immer langsamer und hängt sich auf