Trojaner-Board - Browser lädt Internetseiten sehr sehr langsam

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Browser lädt Internetseiten sehr sehr langsam (https://www.trojaner-board.de/152201-browser-laedt-internetseiten-sehr-sehr-langsam.html)

Browser lädt Internetseiten sehr sehr langsam

Hallo Leute, :abklatsch:

ich freue mich sehr euch gefunden zu haben und hoffe auf eure Hilfe.

Meine Browser (IE 11.0, Nightly 31.0a1) laden seit kurzem keine Internetseiten (außer Google) mehr bzw. nur sehr sehr langsam.
Ich habe nichts wissentlich unternommen, damit es dazu kam. Virenscan mit Sophos habe ich ausgeführt. Außerdem lade ich schonmal die Logfiles von OTA hoch....

Ich hoffe ihr könnt mir helfen. Vielen Dank schonmal...

PS.:
OS: Win7 SP1
aktuellste Updates

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Hi,
ja also das Logfile war tatsächlich zu groß zum upload. Aber nun weiß ich es besser. Hier jetzt die beiden Logfiles aus FRST. Falls die anderen beiden auch noch gebraucht werden gern bescheid sagen.

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by obelix05 at 2014-04-09 07:14:24

Running from C:\Users\obelix05\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}

AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)

Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)

Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)

AuthenTec Fingerprint Software (HKLM\...\{5F1DFCC1-595D-4235-A044-E05B706D800A}) (Version: 9.0.8.35 - AuthenTec, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )

CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)

Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)

CodeBlocks (HKCU\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)

Dassault Systemes Software B19 (HKLM\...\Dassault Systemes B19_0) (Version:  - )

Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)

DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.15.0134 - Fujitsu Technology Solutions)

Dropbox (HKCU\...\Dropbox) (Version: 2.6.25 - Dropbox, Inc.)

FEMBEAM 1.43 (HKLM-x32\...\ST6UNST #1) (Version:  - )

FJ Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.9.4 - SunplusIT)

Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)

Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden

Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)

Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden

Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)

Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden

GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.56.0 - International GeoGebra Institute)

GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)

InstaCal for Windows (HKLM-x32\...\{2255E2F6-3226-4BE3-8A52-397FDCBA5DB1}) (Version: 6.31 - Measurement Computing Corporation)

Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)

Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel(R) PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)

LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden

LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )

MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)

MatheGrafix 10 (Version 10.1) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )

Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)

Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)

Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)

NetBeans IDE 7.3.1 (HKLM-x32\...\nbi-nb-base-7.3.1.0.201306052037) (Version: 7.3.1 - NetBeans.org)

Nightly 31.0a1 (x64 en-US) (HKLM\...\Nightly 31.0a1 (x64 en-US)) (Version: 31.0a1 - Mozilla)

NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden

NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)

NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden

NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)

O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{7F1540E7-E524-4258-B611-5800D70FD407}) (Version: 2.1.4.216GS - O2Micro)

O2Micro OZ776 SCR Driver (Version: 2.1.4.216GS - O2Micro) Hidden

PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhoneClean 3.2.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.2.0 - iMobie Inc.)

Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)

Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden

Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.042 - FUJITSU LIMITED)

Program-Link FA-CP1 (Single License) (HKLM-x32\...\{53FB84B2-23CC-47BE-903F-EC1841459509}) (Version: 1.0.3.0 - CASIO COMPUTER CO., LTD.)

Qt Creator (HKCU\...\Qt Creator) (Version: 2.8.1 - Qt Project)

Qt OpenSource 4.8.5 (HKLM-x32\...\Qt OpenSource 4.8.5 - C:_Qt_4.8.5) (Version: 4.8.5 - Digia Plc)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6505 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)

Shock Sensor Driver (HKLM-x32\...\InstallShield_{BFA53004-F544-4356-B0F9-735D69623447}) (Version: 1.01.00.002 - FUJITSU LIMITED)

Shock Sensor Driver (Version: 1.01.00.002 - FUJITSU LIMITED) Hidden

Shock Sensor Utility (HKLM-x32\...\InstallShield_{4E7C12AC-8F19-49CC-87C3-0EAAD952F6B3}) (Version: 5.01.00.001 - FUJITSU LIMITED)

Shock Sensor Utility (Version: 5.01.00.001 - FUJITSU LIMITED) Hidden

Sierra Wireless QMI Fujitsu Driver Package (HKLM-x32\...\SWIFujitsuDrvInstaller) (Version: 2.8.1210.1 - Sierra Wireless Inc.)

Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)

Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.0.522 - Sophos Limited)

Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.44.1 - Synaptics Incorporated)

System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)

Tabellenbuch Metall 7.0 (HKLM-x32\...\Tabellenbuch Metall 7.0) (Version: 7.0 - Verlag Europa-Lehrmittel)

tools-freebsd (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-linux (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-netware (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-solaris (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-windows (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-winPre2k (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

TortoiseHg 2.11.1 (x64) (HKLM\...\{A0A48C39-F6D7-4827-B815-C96A24AD6349}) (Version: 2.11.1 - Steve Borho and others)

Trust tablet driver (HKLM\...\RmTablet) (Version: 5.01 - )

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden

VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.1 - VMware, Inc)

VMware Workstation (Version: 9.0.1 - VMware, Inc.) Hidden

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)

WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Worms World Party (HKLM-x32\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version:  - )
 

==================== Restore Points  =========================
 

07-04-2014 11:04:17 Removed Need for Speed(TM) Hot Pursuit

08-04-2014 13:11:42 OTL Restore Point - 08.04.2014 15:11:41
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2014-01-17 21:36 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        gosredirector.ea.com
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0F1BEF5F-98E4-41F4-8AF4-8C026800469F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {76DA0695-AC44-4C38-81A8-1B4F483A531C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)

Task: {ACB2CEF9-DD1B-484F-BE00-43A6F71854B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)

Task: {BB3A100A-52EE-4EC3-A760-5641E238AE7D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-08-28 15:17 - 2013-10-27 10:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2013-08-28 15:17 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-03-19 08:09 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-09-06 15:08 - 2012-10-19 11:01 - 00581120 _____ () C:\Windows\system32\atwtusb.exe

2013-09-06 15:08 - 2012-09-10 13:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe

2012-11-01 02:57 - 2012-11-01 02:57 - 13234176 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

2013-08-28 15:18 - 2013-10-27 10:04 - 00518432 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll

2013-08-28 15:17 - 2013-10-27 10:03 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-11-01 03:34 - 2012-11-01 03:34 - 01260184 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll

2014-04-08 15:38 - 2014-04-08 15:38 - 00041984 _____ () c:\users\obelix05\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpltolef.dll

2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\obelix05\AppData\Roaming\Dropbox\bin\libcef.dll

2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll

2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll

2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

2010-12-22 08:13 - 2010-12-22 08:13 - 00065928 _____ () C:\Program Files (x86)\Microsoft Mathematics Add-in\2.0\Shared\MathRichEditNative.Dll

2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\Services: CVPND => 2

MSCONFIG\Services: Hamachi2Svc => 2

MSCONFIG\Services: LMIGuardianSvc => 2

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: ATSwpNav => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run

MSCONFIG\startupreg: FJ Camera_Monitor => C:\Program Files (x86)\FJ Camera\monitor.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

MSCONFIG\startupreg: TortoiseHgOverlayIconServer => C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe

MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
 

==================== Faulty Device Manager Devices =============
 

Name: Intel(R) 82579LM Gigabit Network Connection

Description: Intel(R) 82579LM Gigabit Network Connection

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: e1cexpress

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Cisco Systems VPN Adapter for 64-bit Windows

Description: Cisco Systems VPN Adapter for 64-bit Windows

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: CVirtA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: TOSHIBA MK5061GSYN

Description: Laufwerk

Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardlaufwerke)

Service: disk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/08/2014 10:46:39 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 31184
 

Error: (04/08/2014 10:46:39 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 31184
 

Error: (04/08/2014 10:46:39 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (04/08/2014 10:46:24 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15584
 

Error: (04/08/2014 10:46:24 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15584
 

Error: (04/08/2014 10:46:24 PM) (Source: Bonjour Service) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (04/08/2014 01:49:44 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/08/2014 01:20:28 PM) (Source: Windows Search Service) (User: )

Description: Der Index kann nicht initialisiert werden.
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (04/08/2014 01:20:28 PM) (Source: Windows Search Service) (User: )

Description: Die Anwendung kann nicht initialisiert werden.
 

Kontext: Windows Anwendung
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 

Error: (04/08/2014 01:20:28 PM) (Source: Windows Search Service) (User: )

Description: Das Gatherer-Objekt kann nicht initialisiert werden.
 

Kontext: Windows Anwendung, SystemIndex Katalog
 
 

Details:

        Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
 
 

System errors:

=============

Error: (04/09/2014 07:04:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:44 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:37 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:37 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:33 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/09/2014 07:04:32 AM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
 

Error: (04/08/2014 10:46:38 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Anwendungserfahrung" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (04/08/2014 10:46:38 PM) (Source: Service Control Manager) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AeLookupSvc erreicht.
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-04-09 07:12:38.534

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 22:43:06.254

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 15:46:52.663

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 15:39:13.358

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 15:26:30.940

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 15:16:44.343

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 15:05:13.614

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 14:52:27.356

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 14:44:54.531

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-08 14:34:16.088

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 38%

Total physical RAM: 8032.49 MB

Available physical RAM: 4914.27 MB

Total Pagefile: 16063.16 MB

Available Pagefile: 12518.74 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: (2. HDD) (Fixed) (Total:465.54 GB) (Free:323.42 GB) NTFS

Drive w: (WWP) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

FRST.txt

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)

Ran by obelix05 (administrator) on DER0992C2 on 09-04-2014 07:13:15

Running from C:\Users\obelix05\Desktop

Windows 7 Enterprise Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Windows\system32\atwtusb.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

() C:\Windows\System32\AtwtusbIcon.exe

() C:\Windows\system32\atwtusb.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Sophos Limited) C:\Program Files (x86)\SOPHOS\AutoUpdate\ALMon.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Dropbox, Inc.) C:\Users\obelix05\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-06] (Synaptics Incorporated)

HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)

HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [273776 2011-09-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)

HKLM\...\Run: [AtwtusbIcon] - C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)

HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-10-27] ()

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)

HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-03-12] (Sophos Limited)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {1f302eac-630b-11e3-ba7f-b818ec7dfa15} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {1f302ee4-630b-11e3-ba7f-b818ec7dfa15} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {24bf8dde-2782-11e3-869b-c01885b684a7} - V:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {3bef8343-2764-11e3-a215-00a0c6000020} - V:\CD_Start.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {3bff7be4-6266-11e3-bd1c-c7822fc0bed3} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {64d78b5f-1347-11e3-a4fe-00a0c6000020} - E:\SETUP.EXE

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {6bd62f9c-7eda-11e3-913c-c3e9b22287a2} - X:\Autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920dd-277f-11e3-9a26-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920de-277f-11e3-9a26-c01885b684a7} - X:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920df-277f-11e3-9a26-c01885b684a7} - V:\Setup.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920ef-277f-11e3-9a26-c01885b684a7} - S:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920f2-277f-11e3-9a26-c01885b684a7} - T:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920f5-277f-11e3-9a26-c01885b684a7} - U:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e9211c-277f-11e3-9a26-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e9211f-277f-11e3-9a26-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e92128-277f-11e3-9a26-c01885b684a7} - V:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {7ced323b-2774-11e3-8838-c01885b684a7} - V:\CD_Start.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {813f5382-6277-11e3-bcd3-e7ea8fd1d0d5} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {8497026f-1393-11e3-b69f-c01885b684a7} - V:\SETUP.EXE

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232ca-2782-11e3-bdb5-c01885b684a7} - W:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cb-2782-11e3-bdb5-c01885b684a7} - X:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cc-2782-11e3-bdb5-c01885b684a7} - Y:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cd-2782-11e3-bdb5-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cf-2782-11e3-bdb5-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232f5-2782-11e3-bdb5-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {c05d47a1-277e-11e3-81eb-c01885b684a7} - V:\Setup.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {efebd262-7e22-11e3-bf1e-d0cf3e810bd0} - X:\OriginInstaller.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)

AppInit_DLLs: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\SOPHOS\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-03-12] (Sophos Limited)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)

AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\SOPHOS\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-03-12] (Sophos Limited)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\obelix05\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

SearchScopes: HKCU - {00DDDB94-1BAD-4949-BA6A-CF13702963C1} URL = hxxp://www.wolframalpha.com/input/?i={searchTerms}

SearchScopes: HKCU - {43BEBF4B-12DC-42F9-9702-CA524209F691} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab

DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ura-emea.siemens.com/dana-cached/sc/JuniperSetupClient.cab

Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Hosts: 127.0.0.1        gosredirector.ea.com

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{99D43DF1-8C59-4C42-9EA6-9925EABD3FF1}: [NameServer]139.7.30.126 139.7.30.125
 

FireFox:

========

FF ProfilePath: C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Deutsch (DE) Language Pack - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-10-16]

FF Extension: Personas Plus - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\personas@christopher.beard.xpi [2013-12-08]

FF Extension: Adblock Plus - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-01]

FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Nightly\firefox.exe
 

==================== Services (Whitelisted) =================
 

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)

R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)

S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()

R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-10-27] (NVIDIA Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-03-12] (Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-03-12] (Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-03-12] (Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-03-12] (Sophos Limited)

R2 SwiService; C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe [198032 2012-10-18] (Sierra Wireless, Inc.)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-03-12] (Sophos Limited)

S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-03-12] (Sophos Limited)

R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13234176 2012-11-01] ()

R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-10-19] ()

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)

S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)

R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [15600 2011-07-07] (FUJITSU LIMITED)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85848 2012-03-13] (O2Micro)

R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)

R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-10-27] (NVIDIA Corporation)

S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-03-12] (Sophos Limited)

S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-03-12] (Sophos Limited)

S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-03-12] (Sophos Limited)

S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [3052920 2011-12-23] (Sunplus Technology)

R3 swg3kmbb00; C:\Windows\System32\DRIVERS\swg3kmbb00.sys [477560 2012-10-18] (Sierra Wireless Incorporated)

R3 swg3knmea00; C:\Windows\System32\DRIVERS\swg3knmea00.sys [269304 2012-10-18] (Sierra Wireless Incorporated)

R3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [269560 2012-10-18] (Sierra Wireless Incorporated)

R3 swibus00; C:\Windows\System32\DRIVERS\swibus00.sys [85880 2012-10-18] (Sierra Wireless Inc.)

R3 swibusflt00; C:\Windows\System32\DRIVERS\swibusflt00.sys [85880 2012-10-18] (Sierra Wireless Inc.)

R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)

S1 CBUL32; System32\drivers\CBUL32.SYS [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-09 07:13 - 2014-04-09 07:13 - 00022964 _____ () C:\Users\obelix05\Desktop\FRST.txt

2014-04-09 07:12 - 2014-04-09 07:13 - 00000000 ____D () C:\FRST

2014-04-09 07:12 - 2014-04-09 07:12 - 02157056 _____ (Farbar) C:\Users\obelix05\Desktop\FRST64.exe

2014-04-08 15:44 - 2014-04-08 15:45 - 00027123 _____ () C:\Users\obelix05\Desktop\OTL.rar

2014-04-08 15:22 - 2014-04-08 15:44 - 00160392 _____ () C:\Users\obelix05\Desktop\OTL.Txt

2014-04-08 15:22 - 2014-04-08 15:27 - 00056990 _____ () C:\Users\obelix05\Desktop\Extras.Txt

2014-04-08 15:04 - 2014-04-08 15:05 - 00602112 _____ (OldTimer Tools) C:\Users\obelix05\Desktop\OTL.exe

2014-04-08 13:18 - 2014-04-08 13:48 - 00000112 _____ () C:\Windows\setupact.log

2014-04-08 13:18 - 2014-04-08 13:18 - 00345048 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-08 13:18 - 2014-04-08 13:18 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-08 12:43 - 2014-04-08 12:43 - 00086224 _____ () C:\Users\obelix05\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-07 14:30 - 2014-04-07 14:30 - 00000243 _____ () C:\Users\obelix05\Desktop\elektronik.txt

2014-04-07 13:24 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-04-07 12:38 - 2014-04-07 12:38 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte

2014-03-30 19:32 - 2014-03-30 19:32 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iTunes

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iPod

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-26 07:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-03-26 07:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\system32\NV

2014-03-25 18:55 - 2013-10-27 10:04 - 02273568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

2014-03-25 18:55 - 2013-10-27 10:04 - 00004078 _____ () C:\Windows\system32\nvPerfProvider.man

2014-03-25 18:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-03-25 18:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-03-25 18:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-03-25 18:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-03-25 18:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-03-25 18:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-03-25 18:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-03-25 18:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-03-25 18:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-03-25 18:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2014-03-25 18:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-03-25 18:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-03-25 18:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-03-25 18:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-03-25 18:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-03-25 18:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-03-25 18:26 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-03-25 18:26 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-03-25 16:53 - 2014-04-01 12:43 - 00002182 _____ () C:\Users\obelix05\.kdiff3rc

2014-03-25 15:35 - 2014-03-25 15:35 - 00000000 ____D () C:\ProgramData\Measurement Computing

2014-03-25 15:32 - 2014-03-25 15:32 - 00000000 ____D () C:\Program Files (x86)\Measurement Computing

2014-03-25 14:36 - 2014-03-31 12:10 - 00000205 _____ () C:\Users\obelix05\mercurial.ini

2014-03-25 14:17 - 2014-04-07 18:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-03-25 10:06 - 2014-03-25 10:06 - 00000734 _____ () C:\Users\Public\Desktop\Arduino.lnk

2014-03-25 10:04 - 2014-03-25 10:09 - 00000000 ____D () C:\Programme

2014-03-25 09:59 - 2014-03-27 12:02 - 00000000 ____D () C:\Users\obelix05\Documents\Arduino

2014-03-25 09:59 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Arduino

2014-03-12 16:26 - 2014-03-12 16:20 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe

2014-03-12 16:25 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-12 16:25 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-12 16:25 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-12 16:25 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-12 16:25 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-12 16:25 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-12 16:25 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-12 16:25 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-12 16:25 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-12 16:25 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-12 16:25 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-12 16:25 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-12 16:25 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-12 16:25 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-12 16:25 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-12 16:25 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-12 16:25 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-12 16:25 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-12 16:25 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-12 16:25 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-12 16:25 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-12 16:25 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-12 16:25 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-12 16:25 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-12 16:25 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-12 16:25 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-12 16:25 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-12 16:25 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-12 16:25 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-12 16:25 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-12 16:25 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-12 16:25 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-12 16:25 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-12 16:25 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-12 16:25 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-12 16:25 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-12 16:25 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-12 16:25 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-12 16:25 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-12 16:25 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-12 16:25 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-12 16:25 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-12 16:25 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-12 16:25 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-12 16:24 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-12 16:24 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-12 16:24 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-12 16:24 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-12 16:21 - 2014-03-12 16:21 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys

2014-03-12 16:20 - 2014-03-12 16:20 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll

2014-03-12 16:20 - 2014-03-12 16:20 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys

2014-03-12 16:19 - 2014-03-12 16:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
 

==================== One Month Modified Files and Folders =======
 

2014-04-09 07:13 - 2014-04-09 07:13 - 00022964 _____ () C:\Users\obelix05\Desktop\FRST.txt

2014-04-09 07:13 - 2014-04-09 07:12 - 00000000 ____D () C:\FRST

2014-04-09 07:12 - 2014-04-09 07:12 - 02157056 _____ (Farbar) C:\Users\obelix05\Desktop\FRST64.exe

2014-04-09 07:04 - 2013-09-02 08:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-09 07:04 - 2013-08-28 15:00 - 01939488 _____ () C:\Windows\WindowsUpdate.log

2014-04-08 16:12 - 2009-07-14 06:45 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-08 16:12 - 2009-07-14 06:45 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-08 16:08 - 2013-09-02 18:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Dropbox

2014-04-08 15:47 - 2013-10-16 13:49 - 00000000 ____D () C:\Program Files\Nightly

2014-04-08 15:45 - 2014-04-08 15:44 - 00027123 _____ () C:\Users\obelix05\Desktop\OTL.rar

2014-04-08 15:44 - 2014-04-08 15:22 - 00160392 _____ () C:\Users\obelix05\Desktop\OTL.Txt

2014-04-08 15:38 - 2013-09-02 18:03 - 00000000 ___RD () C:\Dropbox

2014-04-08 15:27 - 2014-04-08 15:22 - 00056990 _____ () C:\Users\obelix05\Desktop\Extras.Txt

2014-04-08 15:05 - 2014-04-08 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\obelix05\Desktop\OTL.exe

2014-04-08 13:49 - 2013-11-21 22:06 - 00000000 ____D () C:\ProgramData\VMware

2014-04-08 13:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-08 13:49 - 2009-07-14 04:34 - 00000493 _____ () C:\Windows\win.ini

2014-04-08 13:48 - 2014-04-08 13:18 - 00000112 _____ () C:\Windows\setupact.log

2014-04-08 13:48 - 2013-08-28 15:18 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-04-08 13:26 - 2013-09-20 08:14 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{02F03B64-C422-4D92-B904-40E1756D835A}

2014-04-08 13:18 - 2014-04-08 13:18 - 00345048 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-08 13:18 - 2014-04-08 13:18 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-08 12:43 - 2014-04-08 12:43 - 00086224 _____ () C:\Users\obelix05\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-08 12:38 - 2014-01-19 12:40 - 00000000 ____D () C:\Users\obelix05\AppData\Local\LogMeIn Hamachi

2014-04-08 12:36 - 2013-08-29 00:55 - 00000000 ____D () C:\Windows\Panther

2014-04-08 12:31 - 2013-09-28 18:30 - 00000000 ____D () C:\Program Files\CCleaner

2014-04-07 18:00 - 2014-03-25 14:17 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\TortoiseHg

2014-04-07 17:40 - 2013-08-28 15:56 - 00702388 _____ () C:\Windows\system32\perfh007.dat

2014-04-07 17:40 - 2013-08-28 15:56 - 00151022 _____ () C:\Windows\system32\perfc007.dat

2014-04-07 17:40 - 2009-07-14 07:13 - 01628954 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-07 14:30 - 2014-04-07 14:30 - 00000243 _____ () C:\Users\obelix05\Desktop\elektronik.txt

2014-04-07 13:24 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-04-07 12:56 - 2013-12-14 10:49 - 00000000 ____D () C:\Windows\Minidump

2014-04-07 12:38 - 2014-04-07 12:38 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte

2014-04-07 12:33 - 2013-09-28 17:20 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Spotify

2014-04-02 14:56 - 2013-09-24 08:22 - 00004044 _____ () C:\Users\obelix05\AppData\Roaming\LTspiceIV.ini

2014-04-01 20:55 - 2013-09-02 22:03 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Apple Computer

2014-04-01 12:43 - 2014-03-25 16:53 - 00002182 _____ () C:\Users\obelix05\.kdiff3rc

2014-03-31 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-03-31 12:10 - 2014-03-25 14:36 - 00000205 _____ () C:\Users\obelix05\mercurial.ini

2014-03-31 12:10 - 2013-08-28 15:00 - 00000000 ____D () C:\Users\obelix05

2014-03-30 21:54 - 2013-09-28 17:21 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Spotify

2014-03-30 19:32 - 2014-03-30 19:32 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iTunes

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iPod

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-30 19:29 - 2013-09-02 22:01 - 00000000 ____D () C:\ProgramData\Apple

2014-03-30 19:18 - 2013-08-28 15:01 - 00000000 ___RD () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-30 19:17 - 2013-09-02 18:01 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-03-27 12:02 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\Documents\Arduino

2014-03-26 07:55 - 2013-09-24 20:55 - 00000000 ____D () C:\Users\obelix05\Documents\NetBeansProjects

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\system32\NV

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-03-25 18:48 - 2013-08-28 15:26 - 01603234 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-03-25 18:46 - 2013-08-28 16:07 - 00000000 ____D () C:\Windows\system32\MRT

2014-03-25 18:40 - 2013-08-28 16:07 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-03-25 15:35 - 2014-03-25 15:35 - 00000000 ____D () C:\ProgramData\Measurement Computing

2014-03-25 15:32 - 2014-03-25 15:32 - 00000000 ____D () C:\Program Files (x86)\Measurement Computing

2014-03-25 14:34 - 2013-11-19 12:06 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\CodeBlocks

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-03-25 10:09 - 2014-03-25 10:04 - 00000000 ____D () C:\Programme

2014-03-25 10:06 - 2014-03-25 10:06 - 00000734 _____ () C:\Users\Public\Desktop\Arduino.lnk

2014-03-25 09:59 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Arduino

2014-03-17 23:00 - 2013-09-02 20:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-17 23:00 - 2013-09-02 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-17 18:25 - 2013-09-01 22:53 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-13 19:27 - 2013-09-02 20:50 - 00000492 __RSH () C:\Users\obelix05\ntuser.pol

2014-03-12 17:16 - 2013-09-02 08:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-12 17:16 - 2013-09-02 08:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-12 17:16 - 2013-09-02 08:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-12 16:27 - 2013-09-02 08:09 - 00000000 ____D () C:\ProgramData\Sophos

2014-03-12 16:27 - 2013-09-01 23:07 - 00000000 ____D () C:\Program Files (x86)\SOPHOS

2014-03-12 16:21 - 2014-03-12 16:21 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys

2014-03-12 16:20 - 2014-03-12 16:26 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe

2014-03-12 16:20 - 2014-03-12 16:20 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll

2014-03-12 16:20 - 2014-03-12 16:20 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys

2014-03-12 16:19 - 2014-03-12 16:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
 

Some content of TEMP:

====================

C:\Users\obelix05\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpltolef.dll
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-03-31 11:42
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

So,
also ich hoffe ich bekomm hier jetzt alles zusammen. Habe alle Tools ausgeführt und hier sind die Logs:

mbam.txt

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 09.04.2014

Suchlauf-Zeit: 18:02:00

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.00.1.1004

Malware Datenbank: v2014.04.09.06

Rootkit Datenbank: v2014.03.27.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Chameleon: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: obelix05
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 281992

Verstrichene Zeit: 12 Min, 34 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Shuriken: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(No malicious items detected)
 

Module: 0

(No malicious items detected)
 

Registrierungsschlüssel: 0

(No malicious items detected)
 

Registrierungswerte: 0

(No malicious items detected)
 

Registrierungsdaten: 0

(No malicious items detected)
 

Ordner: 2

PUP.Optional.OpenCandy, C:\Users\obelix05\AppData\Roaming\OpenCandy, In Quarantäne, [bc44c23e639dae529c265bfc857da35d], 

PUP.Optional.OpenCandy, C:\Users\obelix05\AppData\Roaming\OpenCandy\04E3D2165D404599AFBF2DFF43376637, In Quarantäne, [bc44c23e639dae529c265bfc857da35d], 
 

Dateien: 1

PUP.Optional.OpenCandy, C:\Users\obelix05\AppData\Roaming\OpenCandy\04E3D2165D404599AFBF2DFF43376637\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe, In Quarantäne, [bc44c23e639dae529c265bfc857da35d], 
 

Physische Sektoren: 0

(No malicious items detected)
 
 

(end)

AdwCleaner[S0].txt

Code:

# AdwCleaner v3.023 - Report created 09/04/2014 at 18:09:59

# Updated 01/04/2014 by Xplode

# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)

# Username : obelix05 - DER0992C2

# Running from : C:\Users\obelix05\Desktop\adwcleaner.exe

# Option : Clean
 

***** [ Services ] *****
 
 

***** [ Files / Folders ] *****
 
 

***** [ Shortcuts ] *****
 
 

***** [ Registry ] *****
 
 

***** [ Browsers ] *****
 

-\\ Internet Explorer v11.0.9600.16521
 
 

-\\ Mozilla Firefox v28.0 (de)
 

[ File : C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\prefs.js ]
 
 

*************************
 

AdwCleaner[R0].txt - [776 octets] - [09/04/2014 18:08:53]

AdwCleaner[S0].txt - [698 octets] - [09/04/2014 18:09:59]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [757 octets] ##########

JRT.txt

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Enterprise x64

Ran by obelix05 on 09.04.2014 at 18:18:52,62

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{43BEBF4B-12DC-42F9-9702-CA524209F691}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 09.04.2014 at 18:24:40,15

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)

Ran by obelix05 (administrator) on DER0992C2 on 09-04-2014 18:31:56

Running from C:\Users\obelix05\Desktop

Windows 7 Enterprise Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

() C:\Windows\System32\AtwtusbIcon.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(Spotify Ltd) C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

() C:\Windows\system32\atwtusb.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

() C:\Windows\system32\atwtusb.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Sophos Limited) C:\Program Files (x86)\SOPHOS\AutoUpdate\ALMon.exe

(Dropbox, Inc.) C:\Users\obelix05\AppData\Roaming\Dropbox\bin\Dropbox.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-06] (Synaptics Incorporated)

HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)

HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [273776 2011-09-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)

HKLM\...\Run: [AtwtusbIcon] - C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)

HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-10-27] ()

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)

HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-03-12] (Sophos Limited)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\Run: [Spotify Web Helper] - C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-19] (Spotify Ltd)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {1f302eac-630b-11e3-ba7f-b818ec7dfa15} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {1f302ee4-630b-11e3-ba7f-b818ec7dfa15} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {24bf8dde-2782-11e3-869b-c01885b684a7} - V:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {3bef8343-2764-11e3-a215-00a0c6000020} - V:\CD_Start.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {3bff7be4-6266-11e3-bd1c-c7822fc0bed3} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {64d78b5f-1347-11e3-a4fe-00a0c6000020} - E:\SETUP.EXE

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {6bd62f9c-7eda-11e3-913c-c3e9b22287a2} - X:\Autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920dd-277f-11e3-9a26-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920de-277f-11e3-9a26-c01885b684a7} - X:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920df-277f-11e3-9a26-c01885b684a7} - V:\Setup.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920ef-277f-11e3-9a26-c01885b684a7} - S:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920f2-277f-11e3-9a26-c01885b684a7} - T:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920f5-277f-11e3-9a26-c01885b684a7} - U:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e9211c-277f-11e3-9a26-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e9211f-277f-11e3-9a26-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e92128-277f-11e3-9a26-c01885b684a7} - V:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {7ced323b-2774-11e3-8838-c01885b684a7} - V:\CD_Start.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {813f5382-6277-11e3-bcd3-e7ea8fd1d0d5} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {8497026f-1393-11e3-b69f-c01885b684a7} - V:\SETUP.EXE

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232ca-2782-11e3-bdb5-c01885b684a7} - W:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cb-2782-11e3-bdb5-c01885b684a7} - X:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cc-2782-11e3-bdb5-c01885b684a7} - Y:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cd-2782-11e3-bdb5-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cf-2782-11e3-bdb5-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232f5-2782-11e3-bdb5-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {c05d47a1-277e-11e3-81eb-c01885b684a7} - V:\Setup.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {efebd262-7e22-11e3-bf1e-d0cf3e810bd0} - X:\OriginInstaller.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)

AppInit_DLLs: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\SOPHOS\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-03-12] (Sophos Limited)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)

AppInit_DLLs-x32: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\SOPHOS\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-03-12] (Sophos Limited)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\obelix05\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

SearchScopes: HKCU - {00DDDB94-1BAD-4949-BA6A-CF13702963C1} URL = hxxp://www.wolframalpha.com/input/?i={searchTerms}

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab

DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ura-emea.siemens.com/dana-cached/sc/JuniperSetupClient.cab

Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Hosts: 127.0.0.1        gosredirector.ea.com

Tcpip\..\Interfaces\{99D43DF1-8C59-4C42-9EA6-9925EABD3FF1}: [NameServer]139.7.30.126 139.7.30.125
 

FireFox:

========

FF ProfilePath: C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Deutsch (DE) Language Pack - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-10-16]

FF Extension: Personas Plus - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\personas@christopher.beard.xpi [2013-12-08]

FF Extension: Adblock Plus - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-01]
 

==================== Services (Whitelisted) =================
 

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)

R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)

S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()

R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-10-27] (NVIDIA Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-03-12] (Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-03-12] (Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-03-12] (Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-03-12] (Sophos Limited)

R2 SwiService; C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe [198032 2012-10-18] (Sierra Wireless, Inc.)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-03-12] (Sophos Limited)

S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-03-12] (Sophos Limited)

R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13234176 2012-11-01] ()

R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-10-19] ()

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)

S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)

R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [15600 2011-07-07] (FUJITSU LIMITED)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85848 2012-03-13] (O2Micro)

R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)

R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-10-27] (NVIDIA Corporation)

S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-03-12] (Sophos Limited)

S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-03-12] (Sophos Limited)

S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-03-12] (Sophos Limited)

S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [3052920 2011-12-23] (Sunplus Technology)

R3 swg3kmbb00; C:\Windows\System32\DRIVERS\swg3kmbb00.sys [477560 2012-10-18] (Sierra Wireless Incorporated)

R3 swg3knmea00; C:\Windows\System32\DRIVERS\swg3knmea00.sys [269304 2012-10-18] (Sierra Wireless Incorporated)

R3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [269560 2012-10-18] (Sierra Wireless Incorporated)

R3 swibus00; C:\Windows\System32\DRIVERS\swibus00.sys [85880 2012-10-18] (Sierra Wireless Inc.)

R3 swibusflt00; C:\Windows\System32\DRIVERS\swibusflt00.sys [85880 2012-10-18] (Sierra Wireless Inc.)

R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)

S1 CBUL32; System32\drivers\CBUL32.SYS [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-09 18:31 - 2014-04-09 18:31 - 00022634 _____ () C:\Users\obelix05\Desktop\FRST.txt

2014-04-09 18:24 - 2014-04-09 18:26 - 00000773 _____ () C:\Users\obelix05\Desktop\JRT.txt

2014-04-09 18:18 - 2014-04-09 18:18 - 00000000 ____D () C:\Windows\ERUNT

2014-04-09 18:13 - 2014-04-09 18:13 - 00000836 _____ () C:\Users\obelix05\Desktop\AdwCleaner[S0].txt

2014-04-09 18:08 - 2014-04-09 18:14 - 00001564 _____ () C:\Users\obelix05\Desktop\mbam.txt

2014-04-09 18:08 - 2014-04-09 18:10 - 00000000 ____D () C:\AdwCleaner

2014-04-09 18:03 - 2014-04-09 18:03 - 00000990 _____ () C:\Windows\PFRO.log

2014-04-09 17:47 - 2014-04-09 18:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-09 17:47 - 2014-04-09 17:47 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-09 17:47 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-09 17:47 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-09 17:47 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-09 17:46 - 2014-04-09 17:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\obelix05\Desktop\mbam-setup-2.0.1.1004.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01426178 _____ () C:\Users\obelix05\Desktop\adwcleaner.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01016261 _____ (Thisisu) C:\Users\obelix05\Desktop\JRT.exe

2014-04-09 15:28 - 2014-04-09 15:28 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte

2014-04-09 07:12 - 2014-04-09 18:31 - 00000000 ____D () C:\FRST

2014-04-09 07:12 - 2014-04-09 07:12 - 02157056 _____ (Farbar) C:\Users\obelix05\Desktop\FRST64.exe

2014-04-08 15:44 - 2014-04-08 15:45 - 00027123 _____ () C:\Users\obelix05\Desktop\OTL.rar

2014-04-08 15:22 - 2014-04-08 15:44 - 00160392 _____ () C:\Users\obelix05\Desktop\OTL.Txt

2014-04-08 15:22 - 2014-04-08 15:27 - 00056990 _____ () C:\Users\obelix05\Desktop\Extras.Txt

2014-04-08 15:04 - 2014-04-08 15:05 - 00602112 _____ (OldTimer Tools) C:\Users\obelix05\Desktop\OTL.exe

2014-04-08 13:18 - 2014-04-09 18:11 - 00000392 _____ () C:\Windows\setupact.log

2014-04-08 13:18 - 2014-04-08 13:18 - 00345048 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-08 13:18 - 2014-04-08 13:18 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-08 12:43 - 2014-04-08 12:43 - 00086224 _____ () C:\Users\obelix05\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-07 14:30 - 2014-04-07 14:30 - 00000243 _____ () C:\Users\obelix05\Desktop\elektronik.txt

2014-04-07 13:24 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-03-30 19:32 - 2014-03-30 19:32 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iTunes

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iPod

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-26 07:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-03-26 07:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\system32\NV

2014-03-25 18:55 - 2013-10-27 10:04 - 02273568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

2014-03-25 18:55 - 2013-10-27 10:04 - 00004078 _____ () C:\Windows\system32\nvPerfProvider.man

2014-03-25 18:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-03-25 18:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-03-25 18:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-03-25 18:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-03-25 18:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-03-25 18:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-03-25 18:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-03-25 18:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-03-25 18:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-03-25 18:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2014-03-25 18:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-03-25 18:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-03-25 18:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-03-25 18:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-03-25 18:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-03-25 18:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-03-25 18:26 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-03-25 18:26 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-03-25 16:53 - 2014-04-01 12:43 - 00002182 _____ () C:\Users\obelix05\.kdiff3rc

2014-03-25 15:35 - 2014-03-25 15:35 - 00000000 ____D () C:\ProgramData\Measurement Computing

2014-03-25 15:32 - 2014-03-25 15:32 - 00000000 ____D () C:\Program Files (x86)\Measurement Computing

2014-03-25 14:36 - 2014-03-31 12:10 - 00000205 _____ () C:\Users\obelix05\mercurial.ini

2014-03-25 14:17 - 2014-04-07 18:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-03-25 10:06 - 2014-03-25 10:06 - 00000734 _____ () C:\Users\Public\Desktop\Arduino.lnk

2014-03-25 10:04 - 2014-03-25 10:09 - 00000000 ____D () C:\Programme

2014-03-25 09:59 - 2014-03-27 12:02 - 00000000 ____D () C:\Users\obelix05\Documents\Arduino

2014-03-25 09:59 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Arduino

2014-03-12 16:26 - 2014-03-12 16:20 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe

2014-03-12 16:25 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-03-12 16:25 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-03-12 16:25 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-03-12 16:25 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-03-12 16:25 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-03-12 16:25 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-03-12 16:25 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-03-12 16:25 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-03-12 16:25 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-03-12 16:25 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-03-12 16:25 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-03-12 16:25 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-03-12 16:25 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-03-12 16:25 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-03-12 16:25 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-03-12 16:25 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-03-12 16:25 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-03-12 16:25 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-03-12 16:25 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-03-12 16:25 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-03-12 16:25 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-03-12 16:25 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-03-12 16:25 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-03-12 16:25 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-03-12 16:25 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-03-12 16:25 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-03-12 16:25 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-03-12 16:25 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-03-12 16:25 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-03-12 16:25 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-03-12 16:25 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-03-12 16:25 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-03-12 16:25 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-03-12 16:25 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-03-12 16:25 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-03-12 16:25 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-03-12 16:25 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-03-12 16:25 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-03-12 16:25 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-03-12 16:25 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-03-12 16:25 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-12 16:25 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-12 16:25 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-12 16:25 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-12 16:24 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-12 16:24 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-12 16:24 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-12 16:24 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-12 16:21 - 2014-03-12 16:21 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys

2014-03-12 16:20 - 2014-03-12 16:20 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll

2014-03-12 16:20 - 2014-03-12 16:20 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys

2014-03-12 16:19 - 2014-03-12 16:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
 

==================== One Month Modified Files and Folders =======
 

2014-04-09 18:31 - 2014-04-09 18:31 - 00022634 _____ () C:\Users\obelix05\Desktop\FRST.txt

2014-04-09 18:31 - 2014-04-09 07:12 - 00000000 ____D () C:\FRST

2014-04-09 18:31 - 2013-08-28 15:00 - 01112193 _____ () C:\Windows\WindowsUpdate.log

2014-04-09 18:26 - 2014-04-09 18:24 - 00000773 _____ () C:\Users\obelix05\Desktop\JRT.txt

2014-04-09 18:25 - 2009-07-14 06:45 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-09 18:25 - 2009-07-14 06:45 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-09 18:18 - 2014-04-09 18:18 - 00000000 ____D () C:\Windows\ERUNT

2014-04-09 18:16 - 2013-09-02 08:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-09 18:14 - 2014-04-09 18:08 - 00001564 _____ () C:\Users\obelix05\Desktop\mbam.txt

2014-04-09 18:14 - 2013-09-02 18:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Dropbox

2014-04-09 18:13 - 2014-04-09 18:13 - 00000836 _____ () C:\Users\obelix05\Desktop\AdwCleaner[S0].txt

2014-04-09 18:13 - 2013-09-02 18:03 - 00000000 ___RD () C:\Dropbox

2014-04-09 18:12 - 2013-11-21 22:06 - 00000000 ____D () C:\ProgramData\VMware

2014-04-09 18:12 - 2009-07-14 04:34 - 00000493 _____ () C:\Windows\win.ini

2014-04-09 18:11 - 2014-04-08 13:18 - 00000392 _____ () C:\Windows\setupact.log

2014-04-09 18:11 - 2013-08-28 15:18 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-04-09 18:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-09 18:10 - 2014-04-09 18:08 - 00000000 ____D () C:\AdwCleaner

2014-04-09 18:07 - 2014-04-09 17:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-09 18:03 - 2014-04-09 18:03 - 00000990 _____ () C:\Windows\PFRO.log

2014-04-09 18:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss

2014-04-09 18:02 - 2013-09-28 17:20 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Spotify

2014-04-09 17:47 - 2014-04-09 17:47 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-09 17:46 - 2014-04-09 17:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\obelix05\Desktop\mbam-setup-2.0.1.1004.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01426178 _____ () C:\Users\obelix05\Desktop\adwcleaner.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01016261 _____ (Thisisu) C:\Users\obelix05\Desktop\JRT.exe

2014-04-09 17:41 - 2013-09-28 17:21 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Spotify

2014-04-09 15:28 - 2014-04-09 15:28 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte

2014-04-09 14:34 - 2013-09-28 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-09 14:16 - 2013-09-20 08:14 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{02F03B64-C422-4D92-B904-40E1756D835A}

2014-04-09 12:31 - 2013-09-02 08:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-04-09 12:31 - 2013-09-02 08:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-04-09 12:31 - 2013-09-02 08:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-04-09 12:31 - 2013-09-01 23:00 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Adobe

2014-04-09 07:12 - 2014-04-09 07:12 - 02157056 _____ (Farbar) C:\Users\obelix05\Desktop\FRST64.exe

2014-04-08 15:47 - 2013-10-16 13:49 - 00000000 ____D () C:\Program Files\Nightly

2014-04-08 15:45 - 2014-04-08 15:44 - 00027123 _____ () C:\Users\obelix05\Desktop\OTL.rar

2014-04-08 15:44 - 2014-04-08 15:22 - 00160392 _____ () C:\Users\obelix05\Desktop\OTL.Txt

2014-04-08 15:27 - 2014-04-08 15:22 - 00056990 _____ () C:\Users\obelix05\Desktop\Extras.Txt

2014-04-08 15:05 - 2014-04-08 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\obelix05\Desktop\OTL.exe

2014-04-08 13:18 - 2014-04-08 13:18 - 00345048 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-08 13:18 - 2014-04-08 13:18 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-08 12:43 - 2014-04-08 12:43 - 00086224 _____ () C:\Users\obelix05\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-08 12:38 - 2014-01-19 12:40 - 00000000 ____D () C:\Users\obelix05\AppData\Local\LogMeIn Hamachi

2014-04-08 12:36 - 2013-08-29 00:55 - 00000000 ____D () C:\Windows\Panther

2014-04-08 12:31 - 2013-09-28 18:30 - 00000000 ____D () C:\Program Files\CCleaner

2014-04-07 18:00 - 2014-03-25 14:17 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\TortoiseHg

2014-04-07 17:40 - 2013-08-28 15:56 - 00702388 _____ () C:\Windows\system32\perfh007.dat

2014-04-07 17:40 - 2013-08-28 15:56 - 00151022 _____ () C:\Windows\system32\perfc007.dat

2014-04-07 17:40 - 2009-07-14 07:13 - 01628954 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-07 14:30 - 2014-04-07 14:30 - 00000243 _____ () C:\Users\obelix05\Desktop\elektronik.txt

2014-04-07 13:24 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-04-07 12:56 - 2013-12-14 10:49 - 00000000 ____D () C:\Windows\Minidump

2014-04-03 09:51 - 2014-04-09 17:47 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 09:51 - 2014-04-09 17:47 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 09:50 - 2014-04-09 17:47 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-02 14:56 - 2013-09-24 08:22 - 00004044 _____ () C:\Users\obelix05\AppData\Roaming\LTspiceIV.ini

2014-04-01 20:55 - 2013-09-02 22:03 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Apple Computer

2014-04-01 12:43 - 2014-03-25 16:53 - 00002182 _____ () C:\Users\obelix05\.kdiff3rc

2014-03-31 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-03-31 12:10 - 2014-03-25 14:36 - 00000205 _____ () C:\Users\obelix05\mercurial.ini

2014-03-31 12:10 - 2013-08-28 15:00 - 00000000 ____D () C:\Users\obelix05

2014-03-30 19:32 - 2014-03-30 19:32 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iTunes

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iPod

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-30 19:29 - 2013-09-02 22:01 - 00000000 ____D () C:\ProgramData\Apple

2014-03-30 19:18 - 2013-08-28 15:01 - 00000000 ___RD () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-30 19:17 - 2013-09-02 18:01 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-03-27 12:02 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\Documents\Arduino

2014-03-26 07:55 - 2013-09-24 20:55 - 00000000 ____D () C:\Users\obelix05\Documents\NetBeansProjects

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\system32\NV

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-03-25 18:48 - 2013-08-28 15:26 - 01603234 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-03-25 18:46 - 2013-08-28 16:07 - 00000000 ____D () C:\Windows\system32\MRT

2014-03-25 18:40 - 2013-08-28 16:07 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-03-25 15:35 - 2014-03-25 15:35 - 00000000 ____D () C:\ProgramData\Measurement Computing

2014-03-25 15:32 - 2014-03-25 15:32 - 00000000 ____D () C:\Program Files (x86)\Measurement Computing

2014-03-25 14:34 - 2013-11-19 12:06 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\CodeBlocks

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-03-25 10:09 - 2014-03-25 10:04 - 00000000 ____D () C:\Programme

2014-03-25 10:06 - 2014-03-25 10:06 - 00000734 _____ () C:\Users\Public\Desktop\Arduino.lnk

2014-03-25 09:59 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Arduino

2014-03-17 23:00 - 2013-09-02 20:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-17 23:00 - 2013-09-02 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-17 18:25 - 2013-09-01 22:53 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-03-13 19:27 - 2013-09-02 20:50 - 00000492 __RSH () C:\Users\obelix05\ntuser.pol

2014-03-12 16:27 - 2013-09-02 08:09 - 00000000 ____D () C:\ProgramData\Sophos

2014-03-12 16:27 - 2013-09-01 23:07 - 00000000 ____D () C:\Program Files (x86)\SOPHOS

2014-03-12 16:21 - 2014-03-12 16:21 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys

2014-03-12 16:20 - 2014-03-12 16:26 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe

2014-03-12 16:20 - 2014-03-12 16:20 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll

2014-03-12 16:20 - 2014-03-12 16:20 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys

2014-03-12 16:19 - 2014-03-12 16:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
 

Some content of TEMP:

====================

C:\Users\obelix05\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplwb0nx.dll

C:\Users\obelix05\AppData\Local\Temp\Quarantine.exe

C:\Users\obelix05\AppData\Local\Temp\Shockwave_Installer_FF.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-09 14:24
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by obelix05 at 2014-04-09 18:32:09

Running from C:\Users\obelix05\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}

AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)

Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)

Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)

AuthenTec Fingerprint Software (HKLM\...\{5F1DFCC1-595D-4235-A044-E05B706D800A}) (Version: 9.0.8.35 - AuthenTec, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )

CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)

Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)

CodeBlocks (HKCU\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)

Dassault Systemes Software B19 (HKLM\...\Dassault Systemes B19_0) (Version:  - )

Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)

DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.15.0134 - Fujitsu Technology Solutions)

Dropbox (HKCU\...\Dropbox) (Version: 2.6.25 - Dropbox, Inc.)

FEMBEAM 1.43 (HKLM-x32\...\ST6UNST #1) (Version:  - )

FJ Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.9.4 - SunplusIT)

Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)

Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden

Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)

Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden

Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)

Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden

GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.56.0 - International GeoGebra Institute)

GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)

InstaCal for Windows (HKLM-x32\...\{2255E2F6-3226-4BE3-8A52-397FDCBA5DB1}) (Version: 6.31 - Measurement Computing Corporation)

Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)

Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel(R) PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)

LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden

LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )

Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)

MatheGrafix 10 (Version 10.1) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )

Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)

Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)

Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)

NetBeans IDE 7.3.1 (HKLM-x32\...\nbi-nb-base-7.3.1.0.201306052037) (Version: 7.3.1 - NetBeans.org)

Nightly 31.0a1 (x64 en-US) (HKLM\...\Nightly 31.0a1 (x64 en-US)) (Version: 31.0a1 - Mozilla)

NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden

NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)

NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden

NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)

O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{7F1540E7-E524-4258-B611-5800D70FD407}) (Version: 2.1.4.216GS - O2Micro)

O2Micro OZ776 SCR Driver (Version: 2.1.4.216GS - O2Micro) Hidden

PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhoneClean 3.2.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.2.0 - iMobie Inc.)

Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)

Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden

Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.042 - FUJITSU LIMITED)

Program-Link FA-CP1 (Single License) (HKLM-x32\...\{53FB84B2-23CC-47BE-903F-EC1841459509}) (Version: 1.0.3.0 - CASIO COMPUTER CO., LTD.)

Qt Creator (HKCU\...\Qt Creator) (Version: 2.8.1 - Qt Project)

Qt OpenSource 4.8.5 (HKLM-x32\...\Qt OpenSource 4.8.5 - C:_Qt_4.8.5) (Version: 4.8.5 - Digia Plc)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6505 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)

Shock Sensor Driver (HKLM-x32\...\InstallShield_{BFA53004-F544-4356-B0F9-735D69623447}) (Version: 1.01.00.002 - FUJITSU LIMITED)

Shock Sensor Driver (Version: 1.01.00.002 - FUJITSU LIMITED) Hidden

Shock Sensor Utility (HKLM-x32\...\InstallShield_{4E7C12AC-8F19-49CC-87C3-0EAAD952F6B3}) (Version: 5.01.00.001 - FUJITSU LIMITED)

Shock Sensor Utility (Version: 5.01.00.001 - FUJITSU LIMITED) Hidden

Sierra Wireless QMI Fujitsu Driver Package (HKLM-x32\...\SWIFujitsuDrvInstaller) (Version: 2.8.1210.1 - Sierra Wireless Inc.)

Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)

Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.0.522 - Sophos Limited)

Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.44.1 - Synaptics Incorporated)

System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)

Tabellenbuch Metall 7.0 (HKLM-x32\...\Tabellenbuch Metall 7.0) (Version: 7.0 - Verlag Europa-Lehrmittel)

tools-freebsd (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-linux (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-netware (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-solaris (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-windows (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-winPre2k (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

TortoiseHg 2.11.1 (x64) (HKLM\...\{A0A48C39-F6D7-4827-B815-C96A24AD6349}) (Version: 2.11.1 - Steve Borho and others)

Trust tablet driver (HKLM\...\RmTablet) (Version: 5.01 - )

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden

VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.1 - VMware, Inc)

VMware Workstation (Version: 9.0.1 - VMware, Inc.) Hidden

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)

WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Worms World Party (HKLM-x32\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version:  - )
 

==================== Restore Points  =========================
 

07-04-2014 11:04:17 Removed Need for Speed(TM) Hot Pursuit

08-04-2014 13:11:42 OTL Restore Point - 08.04.2014 15:11:41
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2014-01-17 21:36 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        gosredirector.ea.com
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0F1BEF5F-98E4-41F4-8AF4-8C026800469F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {76DA0695-AC44-4C38-81A8-1B4F483A531C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)

Task: {ACB2CEF9-DD1B-484F-BE00-43A6F71854B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated)

Task: {BB3A100A-52EE-4EC3-A760-5641E238AE7D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-08-28 15:17 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-03-19 08:09 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-09-06 15:08 - 2012-09-10 13:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe

2013-09-06 15:08 - 2012-10-19 11:01 - 00581120 _____ () C:\Windows\system32\atwtusb.exe

2012-11-01 02:57 - 2012-11-01 02:57 - 13234176 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-04-09 18:12 - 2014-04-09 18:12 - 00041984 _____ () c:\users\obelix05\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplwb0nx.dll

2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\obelix05\AppData\Roaming\Dropbox\bin\libcef.dll

2012-11-01 03:34 - 2012-11-01 03:34 - 01260184 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\Services: CVPND => 2

MSCONFIG\Services: Hamachi2Svc => 2

MSCONFIG\Services: LMIGuardianSvc => 2

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: ATSwpNav => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run

MSCONFIG\startupreg: FJ Camera_Monitor => C:\Program Files (x86)\FJ Camera\monitor.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

MSCONFIG\startupreg: TortoiseHgOverlayIconServer => C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe

MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
 

==================== Faulty Device Manager Devices =============
 

Name: Intel(R) 82579LM Gigabit Network Connection

Description: Intel(R) 82579LM Gigabit Network Connection

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: e1cexpress

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Cisco Systems VPN Adapter for 64-bit Windows

Description: Cisco Systems VPN Adapter for 64-bit Windows

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: CVirtA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: TOSHIBA MK5061GSYN

Description: Laufwerk

Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardlaufwerke)

Service: disk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================
 

System errors:

=============
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-04-09 18:25:40.374

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 18:13:45.869

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 18:06:42.709

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 17:39:12.304

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 15:28:37.621

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 14:54:06.994

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 14:39:16.391

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 14:23:28.882

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 13:56:02.512

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-09 13:45:25.249

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 33%

Total physical RAM: 8032.49 MB

Available physical RAM: 5368.4 MB

Total Pagefile: 16063.16 MB

Available Pagefile: 13335.28 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB
 

==================== Drives ================================
 

Drive c: (2. HDD) (Fixed) (Total:465.54 GB) (Free:322.63 GB) NTFS

Drive w: (WWP) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Hi schrauber,

also ich habe nun auch diese beiden Tools durchlaufen lassen... Leider keine Besserung. Das Ding ist auch, dass das Problem immer nur schubweise auftritt. Mal funktioniert alles super, 5min später wieder nichts, und nochmal 10 min später alles gaaaaaanz langsam....

Und mir ist auch aufgefallen, dass seit dem Problem die Festplatte nach dem Start meiner Einschätzung nach extrem lang rödelt bis sie ruhe gibt...

Gibt es evtl. noch ein paar Ideen? Den IE habe ich auch mal ohne Addons ausgeführt. Leider auch nicht besser.

Hier erstmal die Logs:

Wäre super wenn dir noch was einfällt. Danke schon mal bis hierher...

ESET Log

Code:

ESETSmartInstaller@High as downloader log:

Can not open internetESETSmartInstaller@High as downloader log:

Can not open internet# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=13f564235e1ce845be423a121c1a990c

# engine=17832

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-04-10 04:08:06

# local_time=2014-04-10 06:08:06 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776573 100 94 27615 148775936 0 0

# compatibility_mode=8449 16775166 50 96 14630 52185679 7426 0

# scanned=428843

# found=1

# cleaned=0

# scan_time=11166

sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="C:\download\Need.for.Speed.Hot.Pursuit-RELOADED\Need.for.Speed.Hot.Pursuit-RELOADED\rld-nshp.iso"

Security Check

Code:

 Results of screen317's Security Check version 0.99.81  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Sophos Anti-Virus   

 WMI entry may not exist for antivirus; attempting automatic update. 
 `````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 51  

 Adobe Flash Player 13.0.0.182  

 Adobe Reader XI  

 Mozilla Firefox (28.0) 
 ````````Process Check: objlist.exe by Laurent````````  

 Sophos Sophos Anti-Virus SavService.exe  

 Sophos Sophos Anti-Virus SAVAdminService.exe  

 Sophos Sophos Anti-Virus Web Control swc_service.exe 

 Sophos Sophos Anti-Virus Web Intelligence swi_service.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  
 ````````````````````End of Log``````````````````````

FRST.txt

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 28 days old and could be outdated)

Ran by obelix05 (administrator) on DER0992C2 on 10-04-2014 21:03:04

Running from C:\Users\obelix05\Desktop

Windows 7 Enterprise Service Pack 1 (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\ATService.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe

() C:\Windows\System32\AtwtusbIcon.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Windows\System32\StikyNot.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Spotify Ltd) C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

() C:\Windows\system32\atwtusb.exe

() C:\Windows\system32\atwtusb.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe

(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(Sophos Limited) C:\Program Files (x86)\SOPHOS\AutoUpdate\ALMon.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE

() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe

(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Dropbox, Inc.) C:\Users\obelix05\AppData\Roaming\Dropbox\bin\Dropbox.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13353064 2011-11-14] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-06] (Synaptics Incorporated)

HKLM\...\Run: [LoadFUJ02E3] - C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)

HKLM\...\Run: [PSUTility] - C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)

HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [273776 2011-09-15] (FUJITSU LIMITED)

HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)

HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)

HKLM\...\Run: [AtwtusbIcon] - C:\Windows\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)

HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2747680 2013-10-27] ()

HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-07-18] (Intel Corporation)

HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)

HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] - C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-04-10] (Sophos Limited)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\Run: [Spotify Web Helper] - C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-19] (Spotify Ltd)

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {1f302eac-630b-11e3-ba7f-b818ec7dfa15} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {1f302ee4-630b-11e3-ba7f-b818ec7dfa15} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {24bf8dde-2782-11e3-869b-c01885b684a7} - V:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {3bef8343-2764-11e3-a215-00a0c6000020} - V:\CD_Start.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {3bff7be4-6266-11e3-bd1c-c7822fc0bed3} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {64d78b5f-1347-11e3-a4fe-00a0c6000020} - E:\SETUP.EXE

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {6bd62f9c-7eda-11e3-913c-c3e9b22287a2} - X:\Autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920dd-277f-11e3-9a26-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920de-277f-11e3-9a26-c01885b684a7} - X:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920df-277f-11e3-9a26-c01885b684a7} - V:\Setup.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920ef-277f-11e3-9a26-c01885b684a7} - S:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920f2-277f-11e3-9a26-c01885b684a7} - T:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e920f5-277f-11e3-9a26-c01885b684a7} - U:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e9211c-277f-11e3-9a26-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e9211f-277f-11e3-9a26-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {74e92128-277f-11e3-9a26-c01885b684a7} - V:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {7ced323b-2774-11e3-8838-c01885b684a7} - V:\CD_Start.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {813f5382-6277-11e3-bcd3-e7ea8fd1d0d5} - W:\autorun.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {8497026f-1393-11e3-b69f-c01885b684a7} - V:\SETUP.EXE

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232ca-2782-11e3-bdb5-c01885b684a7} - W:\WIN64\startspk.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cb-2782-11e3-bdb5-c01885b684a7} - X:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cc-2782-11e3-bdb5-c01885b684a7} - Y:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cd-2782-11e3-bdb5-c01885b684a7} - V:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232cf-2782-11e3-bdb5-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {bf2232f5-2782-11e3-bdb5-c01885b684a7} - W:\Setup.bat

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {c05d47a1-277e-11e3-81eb-c01885b684a7} - V:\Setup.exe

HKU\S-1-5-21-2605420704-2655928431-54774813-1000\...\MountPoints2: {efebd262-7e22-11e3-bf1e-d0cf3e810bd0} - X:\OriginInstaller.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)

AppInit_DLLs: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\SOPHOS\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-03-12] (Sophos Limited)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)

AppInit_DLLs-x32: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\SOPHOS\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-03-12] (Sophos Limited)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\obelix05\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

SearchScopes: HKCU - {00DDDB94-1BAD-4949-BA6A-CF13702963C1} URL = hxxp://www.wolframalpha.com/input/?i={searchTerms}

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab

DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ura-emea.siemens.com/dana-cached/sc/JuniperSetupClient.cab

Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)

Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Winsock: Catalog9-x64 20 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)

Hosts: 127.0.0.1        gosredirector.ea.com

Tcpip\..\Interfaces\{99D43DF1-8C59-4C42-9EA6-9925EABD3FF1}: [NameServer]139.7.30.126 139.7.30.125
 

FireFox:

========

FF ProfilePath: C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Deutsch (DE) Language Pack - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-10-16]

FF Extension: Personas Plus - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\personas@christopher.beard.xpi [2013-12-08]

FF Extension: Adblock Plus - C:\Users\obelix05\AppData\Roaming\Mozilla\Firefox\Profiles\wcfbiopk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-01]
 

==================== Services (Whitelisted) =================
 

R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)

R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)

S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-10-11] ()

R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2273568 2013-10-27] (NVIDIA Corporation)

R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED)

R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)

R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-03-12] (Sophos Limited)

R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-03-12] (Sophos Limited)

R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-04-10] (Sophos Limited)

R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-03-12] (Sophos Limited)

R2 SwiService; C:\Program Files (x86)\Sierra Wireless Inc\Utils\SWIService.exe [198032 2012-10-18] (Sierra Wireless, Inc.)

R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-03-12] (Sophos Limited)

S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-03-12] (Sophos Limited)

R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [13234176 2012-11-01] ()

R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-10-19] ()

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3671792 2013-10-11] (Intel® Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [163368 2012-04-01] (Broadcom Corporation.)

S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()

R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)

R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [15600 2011-07-07] (FUJITSU LIMITED)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)

R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)

R3 guardian2; C:\Windows\System32\Drivers\oz776x64.sys [85848 2012-03-13] (O2Micro)

R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)

R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-10-27] (NVIDIA Corporation)

S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)

R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-03-12] (Sophos Limited)

S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-03-12] (Sophos Limited)

S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-03-12] (Sophos Limited)

S3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [3052920 2011-12-23] (Sunplus Technology)

R3 swg3kmbb00; C:\Windows\System32\DRIVERS\swg3kmbb00.sys [477560 2012-10-18] (Sierra Wireless Incorporated)

R3 swg3knmea00; C:\Windows\System32\DRIVERS\swg3knmea00.sys [269304 2012-10-18] (Sierra Wireless Incorporated)

R3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [269560 2012-10-18] (Sierra Wireless Incorporated)

R3 swibus00; C:\Windows\System32\DRIVERS\swibus00.sys [85880 2012-10-18] (Sierra Wireless Inc.)

R3 swibusflt00; C:\Windows\System32\DRIVERS\swibusflt00.sys [85880 2012-10-18] (Sierra Wireless Inc.)

R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)

R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)

S1 CBUL32; System32\drivers\CBUL32.SYS [X]

S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-10 21:03 - 2014-04-10 21:03 - 00023328 _____ () C:\Users\obelix05\Desktop\FRST.txt

2014-04-10 18:39 - 2014-04-10 21:02 - 00000938 _____ () C:\Users\obelix05\Desktop\checkup.txt

2014-04-10 10:09 - 2014-04-10 10:10 - 63320784 _____ (Microsoft Corporation) C:\Users\obelix05\Desktop\IE11-Windows6.1-x64-de-de.exe

2014-04-10 09:00 - 2014-04-10 09:00 - 00001135 _____ () C:\Users\Public\Desktop\Opera.lnk

2014-04-10 09:00 - 2014-04-10 09:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Opera Software

2014-04-10 09:00 - 2014-04-10 09:00 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Opera Software

2014-04-10 09:00 - 2014-04-10 09:00 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-04-09 22:45 - 2014-04-10 14:28 - 01040671 _____ () C:\Users\obelix05\Desktop\Herstellung von Wälzlagern.pptx

2014-04-09 22:22 - 2014-04-09 22:22 - 00003584 _____ () C:\Users\obelix05\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-04-09 22:21 - 2014-04-09 22:21 - 00005295 _____ () C:\Users\obelix05\Desktop\Mein Film.wlmp

2014-04-09 22:08 - 2014-04-09 22:20 - 430356235 _____ () C:\Users\obelix05\Desktop\Mein Film.wmv

2014-04-09 21:48 - 2014-04-09 21:48 - 00000000 ____D () C:\Windows\de

2014-04-09 21:48 - 2014-04-09 21:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2014-04-09 21:47 - 2014-04-09 21:47 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-04-09 21:44 - 2014-04-09 21:45 - 71733513 _____ () C:\Users\obelix05\Desktop\8959233.flv

2014-04-09 21:44 - 2014-04-09 21:44 - 00000383 _____ () C:\Windows\DirectX.log

2014-04-09 21:42 - 2014-04-09 21:48 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Windows Live

2014-04-09 21:40 - 2014-04-09 21:43 - 54453953 _____ () C:\Users\obelix05\Desktop\1397072398xneN6Cww.wmv

2014-04-09 21:35 - 2014-04-09 21:36 - 00000000 ____D () C:\Users\obelix05\Desktop\wälzlager montag

2014-04-09 21:06 - 2014-04-09 21:06 - 00000000 __SHD () C:\Users\obelix05\AppData\Local\EmieUserList

2014-04-09 21:06 - 2014-04-09 21:06 - 00000000 __SHD () C:\Users\obelix05\AppData\Local\EmieSiteList

2014-04-09 19:20 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-04-09 19:20 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-04-09 19:20 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-04-09 19:20 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-04-09 19:19 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-04-09 19:19 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-04-09 19:19 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-04-09 19:19 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-04-09 19:19 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-04-09 19:19 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-04-09 19:19 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-04-09 19:19 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-04-09 19:19 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-04-09 19:19 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-04-09 19:19 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-04-09 19:19 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-04-09 19:19 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-04-09 19:19 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-04-09 19:19 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-04-09 19:19 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-04-09 19:19 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-04-09 19:19 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-04-09 19:19 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-04-09 19:19 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-04-09 19:19 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-04-09 19:19 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-04-09 19:19 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-04-09 19:19 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-04-09 19:19 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-04-09 19:19 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-04-09 19:19 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-04-09 19:19 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-04-09 19:19 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-04-09 19:19 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-04-09 19:19 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-04-09 19:19 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-04-09 19:19 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-04-09 19:19 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-04-09 19:19 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-04-09 19:19 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-04-09 19:19 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-04-09 19:19 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-04-09 19:19 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-04-09 19:19 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-04-09 19:19 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-04-09 19:19 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-04-09 19:19 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-04-09 19:19 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-04-09 19:02 - 2014-04-09 19:02 - 00000000 ____D () C:\Program Files\Nightly

2014-04-09 18:31 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-09 18:31 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2014-04-09 18:31 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2014-04-09 18:31 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2014-04-09 18:31 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2014-04-09 18:31 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2014-04-09 18:31 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2014-04-09 18:31 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2014-04-09 18:31 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2014-04-09 18:31 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2014-04-09 18:31 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2014-04-09 18:31 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2014-04-09 18:31 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2014-04-09 18:31 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys

2014-04-09 18:31 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll

2014-04-09 18:31 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll

2014-04-09 18:31 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2014-04-09 18:18 - 2014-04-09 18:18 - 00000000 ____D () C:\Windows\ERUNT

2014-04-09 18:08 - 2014-04-09 18:10 - 00000000 ____D () C:\AdwCleaner

2014-04-09 18:03 - 2014-04-09 18:03 - 00000990 _____ () C:\Windows\PFRO.log

2014-04-09 17:47 - 2014-04-09 18:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-09 17:47 - 2014-04-09 17:47 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-09 17:47 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-09 17:47 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-09 17:47 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-09 17:46 - 2014-04-09 17:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\obelix05\Desktop\mbam-setup-2.0.1.1004.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01426178 _____ () C:\Users\obelix05\Desktop\adwcleaner.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01016261 _____ (Thisisu) C:\Users\obelix05\Desktop\JRT.exe

2014-04-09 15:28 - 2014-04-09 15:28 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte

2014-04-09 07:12 - 2014-04-10 21:03 - 00000000 ____D () C:\FRST

2014-04-09 07:12 - 2014-04-09 07:12 - 02157056 _____ (Farbar) C:\Users\obelix05\Desktop\FRST64.exe

2014-04-08 15:44 - 2014-04-08 15:45 - 00027123 _____ () C:\Users\obelix05\Desktop\OTL.rar

2014-04-08 15:22 - 2014-04-08 15:44 - 00160392 _____ () C:\Users\obelix05\Desktop\OTL.Txt

2014-04-08 15:22 - 2014-04-08 15:27 - 00056990 _____ () C:\Users\obelix05\Desktop\Extras.Txt

2014-04-08 15:04 - 2014-04-08 15:05 - 00602112 _____ (OldTimer Tools) C:\Users\obelix05\Desktop\OTL.exe

2014-04-08 13:18 - 2014-04-10 20:49 - 00000784 _____ () C:\Windows\setupact.log

2014-04-08 13:18 - 2014-04-08 13:18 - 00345048 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-08 13:18 - 2014-04-08 13:18 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-08 12:43 - 2014-04-08 12:43 - 00086224 _____ () C:\Users\obelix05\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-07 14:30 - 2014-04-07 14:30 - 00000243 _____ () C:\Users\obelix05\Desktop\elektronik.txt

2014-04-07 13:24 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-03-30 19:32 - 2014-03-30 19:32 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iTunes

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iPod

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-26 07:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-03-26 07:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\system32\NV

2014-03-25 18:55 - 2013-10-27 10:04 - 02273568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwmi64.exe

2014-03-25 18:55 - 2013-10-27 10:04 - 00004078 _____ () C:\Windows\system32\nvPerfProvider.man

2014-03-25 18:49 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys

2014-03-25 18:49 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-03-25 18:49 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-03-25 18:49 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll

2014-03-25 18:49 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll

2014-03-25 18:49 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2014-03-25 18:49 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-03-25 18:49 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2014-03-25 18:49 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-03-25 18:49 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll

2014-03-25 18:49 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2014-03-25 18:49 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe

2014-03-25 18:49 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2014-03-25 18:49 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2014-03-25 18:49 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2014-03-25 18:49 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2014-03-25 18:26 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll

2014-03-25 18:26 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll

2014-03-25 16:53 - 2014-04-01 12:43 - 00002182 _____ () C:\Users\obelix05\.kdiff3rc

2014-03-25 15:35 - 2014-03-25 15:35 - 00000000 ____D () C:\ProgramData\Measurement Computing

2014-03-25 15:32 - 2014-03-25 15:32 - 00000000 ____D () C:\Program Files (x86)\Measurement Computing

2014-03-25 14:36 - 2014-03-31 12:10 - 00000205 _____ () C:\Users\obelix05\mercurial.ini

2014-03-25 14:17 - 2014-04-07 18:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-03-25 10:06 - 2014-03-25 10:06 - 00000734 _____ () C:\Users\Public\Desktop\Arduino.lnk

2014-03-25 10:04 - 2014-03-25 10:09 - 00000000 ____D () C:\Programme

2014-03-25 09:59 - 2014-03-27 12:02 - 00000000 ____D () C:\Users\obelix05\Documents\Arduino

2014-03-25 09:59 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Arduino

2014-03-12 16:26 - 2014-03-12 16:20 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe

2014-03-12 16:25 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-03-12 16:25 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll

2014-03-12 16:25 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll

2014-03-12 16:25 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2014-03-12 16:24 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-03-12 16:24 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-03-12 16:24 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-03-12 16:24 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-03-12 16:21 - 2014-03-12 16:21 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys

2014-03-12 16:20 - 2014-03-12 16:20 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll

2014-03-12 16:20 - 2014-03-12 16:20 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys

2014-03-12 16:19 - 2014-03-12 16:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
 

==================== One Month Modified Files and Folders =======
 

2014-04-10 21:03 - 2014-04-10 21:03 - 00023328 _____ () C:\Users\obelix05\Desktop\FRST.txt

2014-04-10 21:03 - 2014-04-09 07:12 - 00000000 ____D () C:\FRST

2014-04-10 21:02 - 2014-04-10 18:39 - 00000938 _____ () C:\Users\obelix05\Desktop\checkup.txt

2014-04-10 20:55 - 2013-08-28 15:00 - 01364006 _____ () C:\Windows\WindowsUpdate.log

2014-04-10 20:54 - 2013-09-02 18:03 - 00000000 ___RD () C:\Dropbox

2014-04-10 20:54 - 2013-09-02 18:01 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-04-10 20:54 - 2013-09-02 18:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Dropbox

2014-04-10 20:54 - 2013-08-28 15:01 - 00000000 ___RD () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-10 20:51 - 2013-11-21 22:06 - 00000000 ____D () C:\ProgramData\VMware

2014-04-10 20:51 - 2009-07-14 04:34 - 00000493 _____ () C:\Windows\win.ini

2014-04-10 20:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-10 20:49 - 2014-04-08 13:18 - 00000784 _____ () C:\Windows\setupact.log

2014-04-10 20:49 - 2013-08-28 15:18 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-04-10 18:16 - 2013-09-02 08:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-10 15:43 - 2013-09-20 08:14 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{02F03B64-C422-4D92-B904-40E1756D835A}

2014-04-10 15:09 - 2013-12-21 19:09 - 00000000 ____D () C:\download

2014-04-10 14:28 - 2014-04-09 22:45 - 01040671 _____ () C:\Users\obelix05\Desktop\Herstellung von Wälzlagern.pptx

2014-04-10 10:10 - 2014-04-10 10:09 - 63320784 _____ (Microsoft Corporation) C:\Users\obelix05\Desktop\IE11-Windows6.1-x64-de-de.exe

2014-04-10 09:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-04-10 09:00 - 2014-04-10 09:00 - 00001135 _____ () C:\Users\Public\Desktop\Opera.lnk

2014-04-10 09:00 - 2014-04-10 09:00 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Opera Software

2014-04-10 09:00 - 2014-04-10 09:00 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Opera Software

2014-04-10 09:00 - 2014-04-10 09:00 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-04-10 08:41 - 2009-07-14 06:45 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-10 08:41 - 2009-07-14 06:45 - 00019120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-09 22:22 - 2014-04-09 22:22 - 00003584 _____ () C:\Users\obelix05\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-04-09 22:21 - 2014-04-09 22:21 - 00005295 _____ () C:\Users\obelix05\Desktop\Mein Film.wlmp

2014-04-09 22:20 - 2014-04-09 22:08 - 430356235 _____ () C:\Users\obelix05\Desktop\Mein Film.wmv

2014-04-09 21:48 - 2014-04-09 21:48 - 00000000 ____D () C:\Windows\de

2014-04-09 21:48 - 2014-04-09 21:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2014-04-09 21:48 - 2014-04-09 21:42 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Windows Live

2014-04-09 21:47 - 2014-04-09 21:47 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-04-09 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-04-09 21:45 - 2014-04-09 21:44 - 71733513 _____ () C:\Users\obelix05\Desktop\8959233.flv

2014-04-09 21:44 - 2014-04-09 21:44 - 00000383 _____ () C:\Windows\DirectX.log

2014-04-09 21:43 - 2014-04-09 21:40 - 54453953 _____ () C:\Users\obelix05\Desktop\1397072398xneN6Cww.wmv

2014-04-09 21:36 - 2014-04-09 21:35 - 00000000 ____D () C:\Users\obelix05\Desktop\wälzlager montag

2014-04-09 21:06 - 2014-04-09 21:06 - 00000000 __SHD () C:\Users\obelix05\AppData\Local\EmieUserList

2014-04-09 21:06 - 2014-04-09 21:06 - 00000000 __SHD () C:\Users\obelix05\AppData\Local\EmieSiteList

2014-04-09 21:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-04-09 19:22 - 2013-09-01 22:53 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-04-09 19:18 - 2013-08-28 16:07 - 00000000 ____D () C:\Windows\system32\MRT

2014-04-09 19:16 - 2013-08-28 16:07 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-04-09 19:02 - 2014-04-09 19:02 - 00000000 ____D () C:\Program Files\Nightly

2014-04-09 18:49 - 2013-09-28 17:20 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Spotify

2014-04-09 18:18 - 2014-04-09 18:18 - 00000000 ____D () C:\Windows\ERUNT

2014-04-09 18:10 - 2014-04-09 18:08 - 00000000 ____D () C:\AdwCleaner

2014-04-09 18:07 - 2014-04-09 17:47 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-09 18:03 - 2014-04-09 18:03 - 00000990 _____ () C:\Windows\PFRO.log

2014-04-09 18:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss

2014-04-09 17:47 - 2014-04-09 17:47 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-09 17:47 - 2014-04-09 17:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-04-09 17:46 - 2014-04-09 17:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\obelix05\Desktop\mbam-setup-2.0.1.1004.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01426178 _____ () C:\Users\obelix05\Desktop\adwcleaner.exe

2014-04-09 17:43 - 2014-04-09 17:43 - 01016261 _____ (Thisisu) C:\Users\obelix05\Desktop\JRT.exe

2014-04-09 17:41 - 2013-09-28 17:21 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Spotify

2014-04-09 15:28 - 2014-04-09 15:28 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte

2014-04-09 14:34 - 2013-09-28 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-04-09 12:31 - 2013-09-02 08:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-04-09 12:31 - 2013-09-02 08:05 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-04-09 12:31 - 2013-09-02 08:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-04-09 12:31 - 2013-09-01 23:00 - 00000000 ____D () C:\Users\obelix05\AppData\Local\Adobe

2014-04-09 07:12 - 2014-04-09 07:12 - 02157056 _____ (Farbar) C:\Users\obelix05\Desktop\FRST64.exe

2014-04-08 15:45 - 2014-04-08 15:44 - 00027123 _____ () C:\Users\obelix05\Desktop\OTL.rar

2014-04-08 15:44 - 2014-04-08 15:22 - 00160392 _____ () C:\Users\obelix05\Desktop\OTL.Txt

2014-04-08 15:27 - 2014-04-08 15:22 - 00056990 _____ () C:\Users\obelix05\Desktop\Extras.Txt

2014-04-08 15:05 - 2014-04-08 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\obelix05\Desktop\OTL.exe

2014-04-08 13:18 - 2014-04-08 13:18 - 00345048 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-04-08 13:18 - 2014-04-08 13:18 - 00000000 _____ () C:\Windows\setuperr.log

2014-04-08 12:43 - 2014-04-08 12:43 - 00086224 _____ () C:\Users\obelix05\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-08 12:38 - 2014-01-19 12:40 - 00000000 ____D () C:\Users\obelix05\AppData\Local\LogMeIn Hamachi

2014-04-08 12:36 - 2013-08-29 00:55 - 00000000 ____D () C:\Windows\Panther

2014-04-08 12:31 - 2013-09-28 18:30 - 00000000 ____D () C:\Program Files\CCleaner

2014-04-07 18:00 - 2014-03-25 14:17 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\TortoiseHg

2014-04-07 17:40 - 2013-08-28 15:56 - 00702388 _____ () C:\Windows\system32\perfh007.dat

2014-04-07 17:40 - 2013-08-28 15:56 - 00151022 _____ () C:\Windows\system32\perfc007.dat

2014-04-07 17:40 - 2009-07-14 07:13 - 01628954 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-07 14:30 - 2014-04-07 14:30 - 00000243 _____ () C:\Users\obelix05\Desktop\elektronik.txt

2014-04-07 13:24 - 2014-04-07 13:24 - 00000000 ____D () C:\Program Files (x86)\Auslogics

2014-04-07 12:56 - 2013-12-14 10:49 - 00000000 ____D () C:\Windows\Minidump

2014-04-03 09:51 - 2014-04-09 17:47 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 09:51 - 2014-04-09 17:47 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 09:50 - 2014-04-09 17:47 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-02 14:56 - 2013-09-24 08:22 - 00004044 _____ () C:\Users\obelix05\AppData\Roaming\LTspiceIV.ini

2014-04-01 20:55 - 2013-09-02 22:03 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Apple Computer

2014-04-01 12:43 - 2014-03-25 16:53 - 00002182 _____ () C:\Users\obelix05\.kdiff3rc

2014-03-31 16:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2014-03-31 12:10 - 2014-03-25 14:36 - 00000205 _____ () C:\Users\obelix05\mercurial.ini

2014-03-31 12:10 - 2013-08-28 15:00 - 00000000 ____D () C:\Users\obelix05

2014-03-30 19:32 - 2014-03-30 19:32 - 00001789 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iTunes

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files\iPod

2014-03-30 19:31 - 2014-03-30 19:31 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-03-30 19:29 - 2013-09-02 22:01 - 00000000 ____D () C:\ProgramData\Apple

2014-03-27 12:02 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\Documents\Arduino

2014-03-26 07:55 - 2013-09-24 20:55 - 00000000 ____D () C:\Users\obelix05\Documents\NetBeansProjects

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-03-26 07:35 - 2014-03-26 07:35 - 00000000 ____D () C:\Windows\system32\NV

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-03-25 18:55 - 2013-08-28 15:17 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-03-25 18:48 - 2013-08-28 15:26 - 01603234 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-03-25 15:35 - 2014-03-25 15:35 - 00000000 ____D () C:\ProgramData\Measurement Computing

2014-03-25 15:32 - 2014-03-25 15:32 - 00000000 ____D () C:\Program Files (x86)\Measurement Computing

2014-03-25 14:34 - 2013-11-19 12:06 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\CodeBlocks

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\TortoiseHg

2014-03-25 14:16 - 2014-03-25 14:16 - 00000000 ____D () C:\Program Files\Common Files\TortoiseOverlays

2014-03-25 10:09 - 2014-03-25 10:04 - 00000000 ____D () C:\Programme

2014-03-25 10:06 - 2014-03-25 10:06 - 00000734 _____ () C:\Users\Public\Desktop\Arduino.lnk

2014-03-25 09:59 - 2014-03-25 09:59 - 00000000 ____D () C:\Users\obelix05\AppData\Roaming\Arduino

2014-03-17 23:00 - 2013-09-02 20:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-03-17 23:00 - 2013-09-02 20:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-03-13 19:27 - 2013-09-02 20:50 - 00000492 __RSH () C:\Users\obelix05\ntuser.pol

2014-03-12 16:27 - 2013-09-02 08:09 - 00000000 ____D () C:\ProgramData\Sophos

2014-03-12 16:27 - 2013-09-01 23:07 - 00000000 ____D () C:\Program Files (x86)\SOPHOS

2014-03-12 16:21 - 2014-03-12 16:21 - 00038144 _____ (Sophos Limited) C:\Windows\system32\Drivers\sdcfilter.sys

2014-03-12 16:20 - 2014-03-12 16:26 - 00035624 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe

2014-03-12 16:20 - 2014-03-12 16:20 - 00176120 _____ (Sophos Limited) C:\Windows\system32\sdccoinstaller.dll

2014-03-12 16:20 - 2014-03-12 16:20 - 00027904 _____ (Sophos Limited) C:\Windows\system32\Drivers\SophosBootDriver.sys

2014-03-12 16:19 - 2014-03-12 16:19 - 00158976 _____ (Sophos Limited) C:\Windows\system32\Drivers\savonaccess.sys
 

Some content of TEMP:

====================

C:\Users\obelix05\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb0y49s.dll

C:\Users\obelix05\AppData\Local\Temp\Quarantine.exe

C:\Users\obelix05\AppData\Local\Temp\Shockwave_Installer_FF.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-09 14:24
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014

Ran by obelix05 at 2014-04-10 21:04:00

Running from C:\Users\obelix05\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}

AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)

Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)

Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.3.0 - Auslogics Labs Pty Ltd)

AuthenTec Fingerprint Software (HKLM\...\{5F1DFCC1-595D-4235-A044-E05B706D800A}) (Version: 9.0.8.35 - AuthenTec, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )

CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)

Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)

CodeBlocks (HKCU\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dassault Systemes Software B19 (HKLM\...\Dassault Systemes B19_0) (Version:  - )

Dassault Systemes Software Prerequisites x86-x64 (HKLM\...\{CF1EB598-B424-436A-B15F-B763846BA970}) (Version: 8.1.3 - Dassault Systemes)

DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.15.0134 - Fujitsu Technology Solutions)

Dropbox (HKCU\...\Dropbox) (Version: 2.6.27 - Dropbox, Inc.)

FEMBEAM 1.43 (HKLM-x32\...\ST6UNST #1) (Version:  - )

FJ Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.9.4 - SunplusIT)

Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)

Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden

Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.002 - FUJITSU LIMITED)

Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.002 - FUJITSU LIMITED) Hidden

Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.4.4.0 - FUJITSU LIMITED)

Fujitsu System Extension Utility (Version: 3.4.4.0 - FUJITSU LIMITED) Hidden

GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.56.0 - International GeoGebra Institute)

GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32)

InstaCal for Windows (HKLM-x32\...\{2255E2F6-3226-4BE3-8A52-397FDCBA5DB1}) (Version: 6.31 - Measurement Computing Corporation)

Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)

Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel(R) PRO/Wireless Driver (Version: 16.06.2000.0671 - Intel Corporation) Hidden

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{105fa5c4-72e1-41f2-a82c-884d8aa4b381}) (Version: 16.6.0 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (Version: 16.06.0000.0280 - Intel Corporation) Hidden

Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )

iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)

LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.3.2.0 - FUJITSU LIMITED)

LIFEBOOK Application Panel (Version: 8.3.2.0 - FUJITSU LIMITED) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden

LTspice IV (HKLM-x32\...\LTspice IV) (Version:  - )

Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

MatheAss 8.2 (HKLM-x32\...\MatheAss_is1) (Version:  - MatheAss)

MatheGrafix 10 (Version 10.1) (HKLM-x32\...\MatheGrafix 10_is1) (Version:  - )

Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Mathematics (64-bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)

Microsoft Mathematics-Add-In (32 Bit) (HKLM-x32\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)

Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

NetBeans IDE 7.3.1 (HKLM-x32\...\nbi-nb-base-7.3.1.0.201306052037) (Version: 7.3.1 - NetBeans.org)

Nightly 31.0a1 (x64 en-US) (HKLM\...\Nightly 31.0a1 (x64 en-US)) (Version: 31.0a1 - Mozilla)

NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden

NVIDIA nView 140.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 140.75 - NVIDIA Corporation)

NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden

NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden

NVIDIA WMI 2.15.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.15.0 - NVIDIA Corporation)

O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{7F1540E7-E524-4258-B611-5800D70FD407}) (Version: 2.1.4.216GS - O2Micro)

O2Micro OZ776 SCR Driver (Version: 2.1.4.216GS - O2Micro) Hidden

Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)

PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)

PhoneClean 3.2.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 3.2.0 - iMobie Inc.)

Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 6.2.0.1 - FUJITSU LIMITED)

Plugfree NETWORK (Version: 6.2.001 - FUJITSU LIMITED) Hidden

Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.042 - FUJITSU LIMITED)

Program-Link FA-CP1 (Single License) (HKLM-x32\...\{53FB84B2-23CC-47BE-903F-EC1841459509}) (Version: 1.0.3.0 - CASIO COMPUTER CO., LTD.)

Qt Creator (HKCU\...\Qt Creator) (Version: 2.8.1 - Qt Project)

Qt OpenSource 4.8.5 (HKLM-x32\...\Qt OpenSource 4.8.5 - C:_Qt_4.8.5) (Version: 4.8.5 - Digia Plc)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6505 - Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)

Shock Sensor Driver (HKLM-x32\...\InstallShield_{BFA53004-F544-4356-B0F9-735D69623447}) (Version: 1.01.00.002 - FUJITSU LIMITED)

Shock Sensor Driver (Version: 1.01.00.002 - FUJITSU LIMITED) Hidden

Shock Sensor Utility (HKLM-x32\...\InstallShield_{4E7C12AC-8F19-49CC-87C3-0EAAD952F6B3}) (Version: 5.01.00.001 - FUJITSU LIMITED)

Shock Sensor Utility (Version: 5.01.00.001 - FUJITSU LIMITED) Hidden

Sierra Wireless QMI Fujitsu Driver Package (HKLM-x32\...\SWIFujitsuDrvInstaller) (Version: 2.8.1210.1 - Sierra Wireless Inc.)

Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)

Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)

Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.44.1 - Synaptics Incorporated)

System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)

Tabellenbuch Metall 7.0 (HKLM-x32\...\Tabellenbuch Metall 7.0) (Version: 7.0 - Verlag Europa-Lehrmittel)

tools-freebsd (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-linux (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-netware (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-solaris (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-windows (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

tools-winPre2k (x32 Version: 9.2.2.894247 - VMware, Inc.) Hidden

TortoiseHg 2.11.1 (x64) (HKLM\...\{A0A48C39-F6D7-4827-B815-C96A24AD6349}) (Version: 2.11.1 - Steve Borho and others)

Trust tablet driver (HKLM\...\RmTablet) (Version: 5.01 - )

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

VBA (3821b) (x32 Version: 6.01.00.1234 - Microsoft Corporation) Hidden

VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 9.0.1 - VMware, Inc)

VMware Workstation (Version: 9.0.1 - VMware, Inc.) Hidden

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation)

WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)

Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden

WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Worms World Party (HKLM-x32\...\{9A200E68-D5F4-4E70-910F-2871753A0E2B}) (Version:  - )
 

==================== Restore Points  =========================
 

07-04-2014 11:04:17 Removed Need for Speed(TM) Hot Pursuit

08-04-2014 13:11:42 OTL Restore Point - 08.04.2014 15:11:41

09-04-2014 17:15:36 Windows Update

09-04-2014 19:42:33 Windows Live Essentials

09-04-2014 19:43:10 DirectX wurde installiert

09-04-2014 19:44:48 DirectX wurde installiert

09-04-2014 19:45:24 DirectX wurde installiert

09-04-2014 19:47:06 WLSetup
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2014-01-17 21:36 - 00000858 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1        gosredirector.ea.com
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0F1BEF5F-98E4-41F4-8AF4-8C026800469F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {76DA0695-AC44-4C38-81A8-1B4F483A531C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)

Task: {ACB2CEF9-DD1B-484F-BE00-43A6F71854B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated)

Task: {BB3A100A-52EE-4EC3-A760-5641E238AE7D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-08-28 15:17 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-03-19 08:09 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2013-09-06 15:08 - 2012-09-10 13:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe

2013-09-06 15:08 - 2012-10-19 11:01 - 00581120 _____ () C:\Windows\system32\atwtusb.exe

2012-11-01 02:57 - 2012-11-01 02:57 - 13234176 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2012-11-01 03:34 - 2012-11-01 03:34 - 01260184 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll

2014-04-10 20:54 - 2014-04-10 20:54 - 00041984 _____ () c:\users\obelix05\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb0y49s.dll

2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\obelix05\AppData\Roaming\Dropbox\bin\libcef.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\Services: CVPND => 2

MSCONFIG\Services: Hamachi2Svc => 2

MSCONFIG\Services: LMIGuardianSvc => 2

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: ATSwpNav => "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run

MSCONFIG\startupreg: FJ Camera_Monitor => C:\Program Files (x86)\FJ Camera\monitor.exe

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\obelix05\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

MSCONFIG\startupreg: TortoiseHgOverlayIconServer => C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe

MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
 

==================== Faulty Device Manager Devices =============
 

Name: Cisco Systems VPN Adapter for 64-bit Windows

Description: Cisco Systems VPN Adapter for 64-bit Windows

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: CVirtA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: TOSHIBA MK5061GSYN

Description: Laufwerk

Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}

Manufacturer: (Standardlaufwerke)

Service: disk

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Intel(R) 82579LM Gigabit Network Connection

Description: Intel(R) 82579LM Gigabit Network Connection

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Intel

Service: e1cexpress

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/10/2014 08:51:05 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/10/2014 06:37:27 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (04/10/2014 02:57:10 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (04/10/2014 02:57:05 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (04/10/2014 02:57:05 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (04/10/2014 02:44:24 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (04/10/2014 08:28:38 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/09/2014 09:02:31 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/09/2014 08:59:51 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (04/10/2014 08:52:20 PM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (04/10/2014 08:51:46 PM) (Source: Service Control Manager) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

CBUL32
 

Error: (04/10/2014 10:30:40 AM) (Source: DCOM) (User: DER0992C2)

Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}DER0992C2obelix05S-1-5-21-2605420704-2655928431-54774813-1000LocalHost (unter Verwendung von LRPC)
 

Error: (04/10/2014 10:30:23 AM) (Source: DCOM) (User: DER0992C2)

Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}DER0992C2obelix05S-1-5-21-2605420704-2655928431-54774813-1000LocalHost (unter Verwendung von LRPC)
 

Error: (04/10/2014 10:11:19 AM) (Source: DCOM) (User: DER0992C2)

Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}DER0992C2obelix05S-1-5-21-2605420704-2655928431-54774813-1000LocalHost (unter Verwendung von LRPC)
 

Error: (04/10/2014 10:11:13 AM) (Source: DCOM) (User: DER0992C2)

Description: ComputerstandardLokalAktivierung{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}DER0992C2obelix05S-1-5-21-2605420704-2655928431-54774813-1000LocalHost (unter Verwendung von LRPC)
 

Error: (04/10/2014 08:29:48 AM) (Source: DCOM) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
 

Error: (04/10/2014 08:28:46 AM) (Source: Service Control Manager) (User: )

Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 

CBUL32
 

Error: (04/09/2014 09:26:14 PM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
 

Error: (04/09/2014 09:26:11 PM) (Source: Schannel) (User: NT-AUTORITÄT)

Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-04-10 21:02:03.271

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 20:52:49.871

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 18:37:19.893

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 18:24:29.908

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 18:13:00.415

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 18:03:10.872

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 17:28:32.722

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 17:20:41.625

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 15:28:00.911

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-04-10 15:09:30.473

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 30%

Total physical RAM: 8032.49 MB

Available physical RAM: 5589.17 MB

Total Pagefile: 16063.16 MB

Available Pagefile: 13566.84 MB

Total Virtual: 8192 MB

Available Virtual: 8191.83 MB
 

==================== Drives ================================
 

Drive c: (2. HDD) (Fixed) (Total:465.54 GB) (Free:318.7 GB) NTFS

Drive w: (WWP) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

Jetzt ist der Rechner mal sauber. Aber:

Zitat:

Und mir ist auch aufgefallen, dass seit dem Problem die Festplatte nach dem Start meiner Einschätzung nach extrem lang rödelt bis sie ruhe gibt...

Hardware verabschiedet sich? Festplatte schon mal tiefer getestet?

Das klingt gut. Was meinst du mit tiefer testen? Ich habe den TuneUp-Test gemacht. Der hat nix gefunden.

mit Seatools testen:

SeaTools for Windows | Seagate

Danke für den Tipp....
Das Tool sagt aber auch das alles I.O. ist. Naja gut, dann muss ich wohl in den sauren Apfel beißen und mein System neu aufsetzen. Hilft wahrscheinlich nix. Ich fang dann mal an... ;)
Aber ich danke dir vielmals für deine guten Tipps und deine Zeit.:dankeschoen:
Macht weiter so!!! :party: