Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC sehr lahm & Taskmanager friert ein

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.04.2013, 01:30   #1
T0bbes
 
PC sehr lahm & Taskmanager friert ein - Standard

PC sehr lahm & Taskmanager friert ein



Hallo,

vorab, ich sollte zukünftig nur noch in VirtualBox arbeiten

Mein Problem besteht im folgendem: Ich merke meinem PC zwischendurch einfach an, dass er sehr langsam und zäh ist. Wenn ich dann den Taskmanager öffne, ist die CPU Auslastung fast durchgehend bei 80% - verursacht durch den Tasksmanager. Allerdings ist der Taskmanager auch "eingefroren". Die Werte aktualisieren sich nicht mehr und der Taskmanager lässt sich nicht bedienen - er ist also mehr oder weniger abgestürzt...

Vielleicht könnt Ihr mir helfen. Anbei meine gewünschten Log Dateien.
Gmer stürzt bei mir immer wieder ab. Diesen Log kann ich euch leider nicht bieten.


PS: Bei der Erstellung der Dateien lief im Hintergrund immer mein nvidia Treiber - hoffe das ist nicht schlimm...

DankeeeOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 01.04.2013 01:59:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\USER\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 73,19% Memory free
4,79 Gb Paging File | 3,52 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,31 Gb Total Space | 37,81 Gb Free Space | 38,85% Space Free | Partition Type: NTFS
Drive E: | 358,34 Gb Total Space | 317,55 Gb Free Space | 88,62% Space Free | Partition Type: NTFS
 
Computer Name: USER-LAPTOP | User Name: USER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\USER\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Buhl\WISO Börse 2013\bin\watchdog.exe (vwd Vereinigte Wirtschaftsdienste AG)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (StarMoney 9.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (WB13WatchDog) -- C:\Program Files (x86)\Buhl\WISO Börse 2013\bin\watchdog.exe (vwd Vereinigte Wirtschaftsdienste AG)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (klwfp) -- C:\Windows\SysNative\Drivers\klwfp.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\Drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\Drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\Drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\Drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\Drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\Drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klelam) -- C:\Windows\SysNative\Drivers\klelam.sys (Kaspersky Lab)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\Drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\Drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 8C B3 16 BE 1F CE 01  [binary data]
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4078574652-3258648240-622095683-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: feedly%40devhd:10.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\USER\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.03.13 10:54:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.13 09:42:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.03.17 17:48:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2013.03.13 09:44:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Extensions
[2013.03.15 23:33:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\Firefox\Profiles\ieirqt9j.default\extensions
[2013.03.15 23:33:31 | 000,637,327 | ---- | M] () (No name found) -- C:\Users\USER\AppData\Roaming\mozilla\firefox\profiles\ieirqt9j.default\extensions\feedly@devhd.xpi
[2013.03.13 09:42:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.03.13 10:54:31 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2013.03.07 16:30:04 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.07 17:45:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.07 17:45:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.07 17:45:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.07 17:45:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.07 17:45:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.07 17:45:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: BIODIGITAL HUMAN = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Google Docs = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: Anatomy 3D = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgiaifohbadjmcpafbhhgkobokjoiod\1.5_0\
CHR - Extension: Anatomy 3D = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgiaifohbadjmcpafbhhgkobokjoiod\1.5_0\.bak
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
CHR - Extension: Google Mail = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-4078574652-3258648240-622095683-1001..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-4078574652-3258648240-622095683-1001..\Run: [Spotify] C:\Users\USER\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-4078574652-3258648240-622095683-1001..\Run: [Spotify Web Helper] C:\Users\USER\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A8C593CC-946D-4931-8EA0-F70792CE2412}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{37fe6ca2-8bb0-11e2-be65-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{37fe6ca2-8bb0-11e2-be65-806e6f6e6963}\Shell\AutoRun\command - "" = "F:\setup.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.01 01:56:02 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe
[2013.04.01 00:56:27 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.04.01 00:56:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2013.04.01 00:34:10 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.04.01 00:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2013.03.31 23:56:59 | 000,000,000 | ---D | C] -- C:\adobeTemp
[2013.03.31 23:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013.03.31 01:01:01 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\NVIDIA
[2013.03.31 01:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013.03.31 00:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.03.31 00:28:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013.03.29 19:01:49 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\FileZilla
[2013.03.29 19:01:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013.03.29 19:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013.03.27 15:48:46 | 000,000,000 | ---D | C] -- C:\Users\USER\.thumbnails
[2013.03.27 15:46:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\fontconfig
[2013.03.27 15:46:14 | 000,000,000 | ---D | C] -- C:\Users\USER\.gimp-2.8
[2013.03.27 15:46:13 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\gegl-0.2
[2013.03.27 15:14:59 | 000,000,000 | ---D | C] -- C:\Users\USER\Aptana Rubles
[2013.03.27 15:14:55 | 000,000,000 | ---D | C] -- C:\Users\USER\My Documents
[2013.03.27 15:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana
[2013.03.27 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Aptana Studio 3
[2013.03.26 23:32:11 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Warframe
[2013.03.26 21:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.03.26 21:26:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Programs
[2013.03.26 16:16:15 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\WISO Mein Geld
[2013.03.26 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Buhl Data Service GmbH
[2013.03.26 16:01:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Mein Geld 2013
[2013.03.26 15:57:36 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Buhl Data Service
[2013.03.26 15:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\StarMoney 9.0
[2013.03.26 15:47:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarMoney 9.0
[2013.03.26 15:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects
[2013.03.26 15:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\StarFinanz
[2013.03.26 15:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarMoney 9.0
[2013.03.26 15:44:35 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.03.26 15:40:15 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Buhl Data Service
[2013.03.26 15:40:08 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\WISO Börse 2013
[2013.03.26 15:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Börse 2013
[2013.03.26 15:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH
[2013.03.26 15:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Buhl Data Service
[2013.03.26 15:35:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 9.0
[2013.03.26 15:34:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1033
[2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1031
[2013.03.26 15:33:42 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\1031
[2013.03.26 15:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 R2
[2013.03.26 15:31:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013.03.26 15:30:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013.03.26 15:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Buhl
[2013.03.26 15:29:16 | 000,000,000 | ---D | C] -- C:\ProgramData\WISO Börse 2013
[2013.03.26 14:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2013.03.26 14:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2013.03.26 14:13:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2013.03.26 14:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2013.03.26 14:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2013.03.25 17:20:28 | 000,000,000 | ---D | C] -- C:\Users\USER\Documents\Test
[2013.03.25 17:20:09 | 000,000,000 | ---D | C] -- C:\Users\USER\bluej
[2013.03.25 15:36:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2013.03.25 15:36:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.03.25 15:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.03.25 01:23:09 | 000,000,000 | ---D | C] -- C:\Users\USER\workspace
[2013.03.25 00:03:38 | 000,000,000 | ---D | C] -- C:\Users\USER\.android
[2013.03.25 00:03:00 | 000,000,000 | ---D | C] -- C:\Users\USER\SDK
[2013.03.24 21:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2013.03.24 21:55:59 | 000,000,000 | ---D | C] -- C:\Users\USER\SystemRequirementsLab
[2013.03.24 21:16:54 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Apple Computer
[2013.03.24 21:16:54 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Apple Computer
[2013.03.24 21:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.03.24 21:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.03.24 21:15:05 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Apple
[2013.03.24 21:15:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.03.24 21:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.03.24 21:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.03.24 21:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.03.24 21:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.03.24 21:14:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.03.22 01:25:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\NetBeans
[2013.03.22 01:25:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\NetBeans
[2013.03.22 01:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\glassfish-3.1.2.2
[2013.03.22 01:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
[2013.03.22 01:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\NetBeans 7.3
[2013.03.22 00:56:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.22 00:48:14 | 000,000,000 | ---D | C] -- C:\Users\USER\.nbi
[2013.03.21 20:51:21 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Skype
[2013.03.21 20:51:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.03.21 20:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.03.21 20:51:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.21 20:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.03.20 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ
[2013.03.20 19:21:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BlueJ
[2013.03.19 13:31:51 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
[2013.03.19 13:31:46 | 000,000,000 | ---D | C] -- C:\xampp
[2013.03.18 23:52:52 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Spotify
[2013.03.18 23:52:38 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Spotify
[2013.03.18 17:57:29 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Unity
[2013.03.18 17:57:03 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Unity
[2013.03.18 17:50:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.18 17:49:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.03.18 17:49:23 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Google
[2013.03.17 21:06:34 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\OpenOffice.org
[2013.03.17 17:50:07 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Thunderbird
[2013.03.17 17:50:07 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Thunderbird
[2013.03.17 17:48:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.03.15 16:42:42 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2013.03.15 16:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2013.03.15 16:40:12 | 000,000,000 | ---D | C] -- C:\Users\USER\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
[2013.03.14 21:02:38 | 000,000,000 | ---D | C] -- C:\usb_driver
[2013.03.14 11:33:02 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Sublime Text 2
[2013.03.14 11:32:55 | 000,000,000 | ---D | C] -- C:\Program Files\Sublime Text 2
[2013.03.13 22:26:48 | 000,000,000 | ---D | C] -- C:\Users\USER\.zend
[2013.03.13 22:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013.03.13 22:26:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013.03.13 22:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.03.13 22:19:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\WinRAR
[2013.03.13 22:19:18 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.13 22:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.03.13 22:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.03.13 15:14:21 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Macromedia
[2013.03.13 15:10:45 | 000,000,000 | ---D | C] -- C:\Users\USER\VirtualBox VMs
[2013.03.13 15:10:13 | 000,000,000 | ---D | C] -- C:\Users\USER\.VirtualBox
[2013.03.13 15:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.03.13 15:09:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.03.13 15:09:23 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.03.13 10:41:52 | 000,000,000 | R--D | C] -- C:\Windows\BrowserChoice
[2013.03.13 10:18:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2013.03.13 10:18:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2013.03.13 10:08:01 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013.03.13 10:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.03.13 10:06:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.03.13 10:06:38 | 000,612,696 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.03.13 10:06:38 | 000,089,944 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys
[2013.03.13 09:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013.03.13 09:56:22 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.03.13 09:56:22 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.03.13 09:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013.03.13 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.03.13 09:55:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.03.13 09:50:26 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Adobe
[2013.03.13 09:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.03.13 09:48:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.03.13 09:45:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.03.13 09:44:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013.03.13 09:44:03 | 000,000,000 | ---D | C] -- C:\Intel
[2013.03.13 09:44:02 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Mozilla
[2013.03.13 09:44:02 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Mozilla
[2013.03.13 09:42:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.03.13 09:42:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.03.13 09:42:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.03.13 09:41:09 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Macromedia
[2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\Searches
[2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\Contacts
[2013.03.13 09:39:10 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.03.13 09:39:06 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Adobe
[2013.03.13 09:38:38 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\VirtualStore
[2013.03.13 09:38:28 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
[2013.03.13 09:38:28 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Packages
[2013.03.13 09:38:19 | 000,000,000 | --SD | C] -- C:\Users\USER\AppData\Roaming\Microsoft
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Videos
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Saved Games
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Pictures
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Music
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Links
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Favorites
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Downloads
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Documents
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\Desktop
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.03.13 09:38:19 | 000,000,000 | R--D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Vorlagen
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Verlauf
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Temporary Internet Files
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Startmenü
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\SendTo
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Recent
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Netzwerkumgebung
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Lokale Einstellungen
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Videos
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Musik
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Eigene Dateien
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Documents\Eigene Bilder
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Druckumgebung
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Cookies
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\AppData\Local\Anwendungsdaten
[2013.03.13 09:38:19 | 000,000,000 | -HSD | C] -- C:\Users\USER\Anwendungsdaten
[2013.03.13 09:38:19 | 000,000,000 | -H-D | C] -- C:\Users\USER\AppData
[2013.03.13 09:38:19 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Temp
[2013.03.13 09:38:19 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Local\Microsoft
[2013.03.13 09:38:19 | 000,000,000 | ---D | C] -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.03.13 09:38:18 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2013.03.13 09:38:14 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.03.13 09:36:05 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.03.13 09:33:42 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.03.13 09:33:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.03.13 09:32:42 | 000,000,000 | ---D | C] -- C:\Windows\Panther
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.01 01:58:56 | 000,000,000 | ---- | M] () -- C:\Users\USER\defogger_reenable
[2013.04.01 01:58:23 | 000,377,856 | ---- | M] () -- C:\Users\USER\Desktop\gmer_2.1.19155.exe
[2013.04.01 01:56:20 | 000,050,477 | ---- | M] () -- C:\Users\USER\Desktop\Defogger.exe
[2013.04.01 01:56:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\USER\Desktop\OTL.exe
[2013.04.01 01:54:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.01 01:45:50 | 001,928,686 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.01 01:45:50 | 000,818,446 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.01 01:45:50 | 000,775,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.01 01:45:50 | 000,180,228 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.01 01:45:50 | 000,157,016 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.01 01:41:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.01 01:40:39 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.01 01:39:33 | 004,928,936 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.01 01:39:08 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.04.01 01:38:47 | 3362,271,232 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.01 01:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.31 12:54:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2013.03.31 00:02:53 | 000,001,518 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2013.03.29 14:11:42 | 000,002,768 | ---- | M] () -- C:\Users\USER\AppData\Local\recently-used.xbel
[2013.03.27 15:13:55 | 000,001,091 | ---- | M] () -- C:\Users\USER\Desktop\Aptana Studio 3.lnk
[2013.03.26 21:27:47 | 000,000,880 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013.03.26 16:01:49 | 000,001,343 | ---- | M] () -- C:\Users\Public\Desktop\Belegschnellerfassung.lnk
[2013.03.26 16:01:49 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\WISO Mein Geld 2013.lnk
[2013.03.26 15:47:16 | 000,002,038 | ---- | M] () -- C:\Users\Public\Desktop\StarMoney 9.0.lnk
[2013.03.26 15:40:14 | 000,000,031 | ---- | M] () -- C:\Windows\iltwain.ini
[2013.03.26 15:39:51 | 000,002,178 | ---- | M] () -- C:\Users\Public\Desktop\WISO Börse 2013.lnk
[2013.03.26 15:37:20 | 001,952,668 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.25 15:36:07 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.03.24 21:16:47 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.03.22 01:04:13 | 000,002,017 | ---- | M] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk
[2013.03.20 19:21:47 | 000,001,881 | ---- | M] () -- C:\Users\USER\Desktop\BlueJ.lnk
[2013.03.19 13:31:51 | 000,000,614 | ---- | M] () -- C:\Users\USER\Desktop\XAMPP Control Panel.lnk
[2013.03.18 23:52:51 | 000,001,772 | ---- | M] () -- C:\Users\USER\Desktop\Spotify.lnk
[2013.03.18 17:50:17 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.17 17:48:56 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.03.15 16:42:42 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.03.14 20:36:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.03.13 15:09:37 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.03.13 10:54:28 | 000,050,088 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klwfp.sys
[2013.03.13 10:54:28 | 000,029,016 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klkbdflt.sys
[2013.03.13 10:54:27 | 000,612,696 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.03.13 10:22:51 | 000,002,340 | ---- | M] () -- C:\Users\USER\Desktop\Sicherer Zahlungsverkehr.lnk
[2013.03.13 10:21:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.03.13 10:08:02 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013.03.13 09:49:17 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.03.13 09:42:45 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.13 09:35:00 | 000,052,435 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.03.13 09:35:00 | 000,052,435 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2013.04.01 01:58:56 | 000,000,000 | ---- | C] () -- C:\Users\USER\defogger_reenable
[2013.04.01 01:58:23 | 000,377,856 | ---- | C] () -- C:\Users\USER\Desktop\gmer_2.1.19155.exe
[2013.04.01 01:56:20 | 000,050,477 | ---- | C] () -- C:\Users\USER\Desktop\Defogger.exe
[2013.04.01 00:27:02 | 000,001,650 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
[2013.04.01 00:25:45 | 000,001,518 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
[2013.03.31 23:58:36 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Fireworks CS6.lnk
[2013.03.31 23:56:33 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013.03.31 12:54:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2013.03.31 00:35:26 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2013.03.31 00:34:27 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2013.03.31 00:33:25 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2013.03.31 00:32:47 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2013.03.31 00:29:56 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2013.03.31 00:29:50 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2013.03.31 00:02:53 | 000,001,530 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2013.03.31 00:02:53 | 000,001,518 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2013.03.29 14:11:42 | 000,002,768 | ---- | C] () -- C:\Users\USER\AppData\Local\recently-used.xbel
[2013.03.27 15:13:55 | 000,001,091 | ---- | C] () -- C:\Users\USER\Desktop\Aptana Studio 3.lnk
[2013.03.26 21:27:47 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.03.26 21:27:47 | 000,000,880 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2013.03.26 16:01:49 | 000,001,343 | ---- | C] () -- C:\Users\Public\Desktop\Belegschnellerfassung.lnk
[2013.03.26 16:01:49 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\WISO Mein Geld 2013.lnk
[2013.03.26 15:47:16 | 000,002,038 | ---- | C] () -- C:\Users\Public\Desktop\StarMoney 9.0.lnk
[2013.03.26 15:40:13 | 000,000,031 | ---- | C] () -- C:\Windows\iltwain.ini
[2013.03.26 15:39:51 | 000,002,178 | ---- | C] () -- C:\Users\Public\Desktop\WISO Börse 2013.lnk
[2013.03.26 15:37:01 | 001,952,668 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.25 15:36:07 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.03.24 21:16:47 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.03.24 21:15:02 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.03.22 01:04:13 | 000,002,017 | ---- | C] () -- C:\Users\Public\Desktop\NetBeans IDE 7.3.lnk
[2013.03.20 19:21:47 | 000,001,881 | ---- | C] () -- C:\Users\USER\Desktop\BlueJ.lnk
[2013.03.19 13:31:51 | 000,000,614 | ---- | C] () -- C:\Users\USER\Desktop\XAMPP Control Panel.lnk
[2013.03.18 23:52:51 | 000,001,772 | ---- | C] () -- C:\Users\USER\Desktop\Spotify.lnk
[2013.03.18 23:52:51 | 000,001,758 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2013.03.18 17:50:17 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.03.18 17:49:31 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.18 17:49:30 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.17 17:48:56 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.03.17 17:48:55 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013.03.15 16:42:42 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2013.03.14 21:08:02 | 004,928,936 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.14 20:36:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.03.14 11:32:56 | 000,000,822 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
[2013.03.13 15:09:37 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.03.13 15:06:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.13 10:53:01 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013.03.13 10:53:01 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.03.13 10:22:52 | 000,001,323 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk
[2013.03.13 10:22:50 | 000,002,340 | ---- | C] () -- C:\Users\USER\Desktop\Sicherer Zahlungsverkehr.lnk
[2013.03.13 10:21:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.03.13 10:08:27 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013.03.13 09:56:45 | 003,536,817 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2013.03.13 09:54:27 | 000,386,577 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.03.13 09:49:17 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.03.13 09:49:17 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.03.13 09:42:45 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.13 09:42:45 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.03.13 09:39:06 | 000,001,438 | ---- | C] () -- C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.03.13 09:35:29 | 3362,271,232 | -HS- | C] () -- C:\hiberfil.sys
[2013.03.13 09:33:07 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2012.12.14 03:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.12.14 03:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 03:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013.03.26 15:32:37 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 01:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 01:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.03.26 15:57:36 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Buhl Data Service
[2013.03.26 17:27:25 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Buhl Data Service GmbH
[2013.04.01 00:56:27 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.03.29 19:21:25 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\FileZilla
[2013.03.22 01:25:29 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\NetBeans
[2013.03.17 21:06:34 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\OpenOffice.org
[2013.03.30 13:19:49 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Spotify
[2013.04.01 00:34:10 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.03.14 11:33:03 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Sublime Text 2
[2013.03.17 17:50:07 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Thunderbird
[2013.03.18 17:57:29 | 000,000,000 | ---D | M] -- C:\Users\USER\AppData\Roaming\Unity
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 01.04.2013 01:59:50 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\USER\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,86 Gb Available Physical Memory | 73,19% Memory free
4,79 Gb Paging File | 3,52 Gb Available in Paging File | 73,42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,31 Gb Total Space | 37,81 Gb Free Space | 38,85% Space Free | Partition Type: NTFS
Drive E: | 358,34 Gb Total Space | 317,55 Gb Free Space | 88,62% Space Free | Partition Type: NTFS
 
Computer Name: USER-LAPTOP | User Name: USER | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe ()
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe ()
 
[HKEY_USERS\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe" "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] -- "C:\Users\USER\AppData\Local\Aptana Studio 3\AptanaStudio3.exe" "%1" ()
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{163EA6E7-25E5-4852-9743-D0CD846D6CFF}" = rport=80 | protocol=6 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.exe | 
"{183AF7E6-BB21-4B69-9D50-1C3AFE027E61}" = rport=80 | protocol=6 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.x64.exe | 
"{8C5661D5-9064-4A2E-8022-095A4351D4B0}" = rport=80 | protocol=6 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\tools\launcher.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20F439DE-F90A-46CF-A772-9E53DDF6F91E}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{2A058FF1-2DD8-4EBF-9E05-C3F62A3E6C7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{2C57A6DD-76CB-4C28-8703-359CF2192BD2}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{3BBDFCBB-455B-4196-988B-19A3643267EF}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{5209BADF-63EF-4F86-A166-586048DE713A}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{557D236D-E6F9-4751-8B2A-F051C72797F5}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{57A76B58-3D1D-48D8-8C4E-F436479B2DA3}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{5B5281E5-03A5-4DEC-B847-1A28D58850A8}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 9.0\ouservice\starmoneyonlineupdate.exe | 
"{5BADE28A-47F5-404E-A7E7-640BCCDEED31}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{62CD4F95-3359-4309-AAEC-641D6AEA6F56}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 9.0\app\starmoney.exe | 
"{69A49BB1-4621-4463-9F66-E3EE86987327}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{69C68EC3-AE2D-482F-B9AD-EE5DE8F2628B}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\warframe\warframe.exe | 
"{6E66D02A-C561-4974-B386-DE7E2C4B5884}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7825632B-B231-4E87-969F-AAEB050BF44F}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{7D138443-A0CB-4AE4-A32B-AB8A7F5A070C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{80F4AD0D-1D6F-48F0-83E9-810ED383464D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{8501D07B-C509-4EF2-B5CA-07E1AD173D27}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{88FF451B-66C5-4B78-A67F-7710F0BEE6EE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{92FD5CDF-62E6-45FA-88C0-F45116C49E17}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\warframe\warframe.x64.exe | 
"{9C88511B-9B2D-4331-A138-68AB6848BFB2}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{9EDB39F0-3152-466C-996A-F16D52F0E31E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A3E51785-C7F0-4977-A0C4-9AFD8C431F15}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{A6F8E789-C079-4349-ACBC-CE63BFB43C57}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{AE422A9F-FB9A-432A-A1D7-158FE505D854}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B46FACB5-F74E-4E2A-96DA-72EF43BD6BD8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{B628814F-4070-480C-9718-87CE5A8F1593}" = protocol=17 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.exe | 
"{B6450A9C-225C-41C6-B8CF-DE565DD7858C}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{BA538A0A-B242-4FC9-834A-9741371455AE}" = protocol=17 | dir=out | app=e:\steamlibrary\steamapps\common\warframe\warframe.x64.exe | 
"{BDCE60E6-17E9-4ECA-8922-6FDAFE6AAAAD}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{BEC8FE15-46E6-4814-BCE3-EC936E2D7542}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{BF9B8A4F-352C-4DE0-AEBB-910910479CE4}" = protocol=6 | dir=in | app=c:\program files (x86)\starmoney 9.0\ouservice\starmoneyonlineupdate.exe | 
"{C0539643-98A7-4CF5-8D82-BBF3DE08F509}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{CB420944-7069-406D-8AF2-388995903860}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{D92557FC-8454-4C9A-A722-2E1C0BB1C148}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{DD7B59B3-E71A-4B7E-9344-9823A905AA56}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EB080FBC-38E3-4C80-9383-E6443992CE1C}" = protocol=17 | dir=in | app=c:\program files (x86)\starmoney 9.0\app\starmoney.exe | 
"{F1D61347-67C1-427A-9096-B5E925E3A571}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{992B55F9-FD13-42C5-8B3C-B7E9F998A969}" = Microsoft SQL Server 2008 R2 Native Client
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C017D5C7-E2C0-4276-8C8A-0CB6D5914DDD}" = Oracle VM VirtualBox 4.2.8
"{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}" = Microsoft SQL Server VSS Writer
"GIMP-2_is1" = GIMP 2.8.4
"nbi-glassfish-mod-3.1.2.23.2" = GlassFish Server Open Source Edition 3.1.2.2
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Sublime Text 2_is1" = Sublime Text 2.0.1
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{3BDEDA44-E016-4643-A740-68618D8CCFA2}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 SP2 Database Engine Shared
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}" = StarMoney
"{5BD39911-A12F-4562-98BA-A6E03E3370B1}" = SQL Server 2008 R2 SP2 Database Engine Services
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D66971C-652B-4065-A6B1-B3EE313C254B}" = BlueJ
"{8DD113A8-811A-404E-A4D7-443D014946AC}" = Microsoft SQL Server Browser
"{92906ADC-9482-4DDB-870D-0F1F535EAD91}" = SQL Server 2008 R2 SP2 Common Files
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA2D735-3375-42D4-9A61-3FFEF82599D6}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup 
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9EDF3504-9467-4A90-A2DB-662B95448C07}" = WISO Börse 2013
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB8A9818-0809-49A7-8A13-C08BD7F13A42}" = Microsoft SQL Server 2008 R2-Setup (Deutsch)
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 SP2 Database Engine Services
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}" = Adobe Fireworks CS6
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 SP2 Common Files
"{DAC580DB-6629-43B9-98DD-8BABA515B958}" = WISO Mein Geld 2013 Professional
"{E23D424C-A06B-4572-8A7C-6AD1F6EFA437}" = StarMoney 9.0 
"{E9380A3D-7A10-4988-B2A1-22A41C137D9F}" = SQL Server 2008 R2 SP2 Database Engine Shared
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F902AB2B-7816-4CBD-A385-F2549F62956B}" = StarMoney
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Android SDK Tools" = Android SDK Tools
"Aptana Studio 3" = Aptana Studio 3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"FileZilla Client" = FileZilla Client 3.6.0.2
"Google Chrome" = Google Chrome
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"Mozilla Thunderbird 17.0.4 (x86 de)" = Mozilla Thunderbird 17.0.4 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 108800" = Crysis 2 Maximum Edition
"Steam App 209870" = Blacklight: Retribution
"Steam App 230410" = Warframe
"WISO Börse 2013" = WISO Börse 2013
"WISO Mein Geld 2013 Professional" = WISO Mein Geld 2013 Professional
"xampp" = XAMPP 1.8.1
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-4078574652-3258648240-622095683-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.03.2013 07:14:41 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3312
 
Error - 31.03.2013 07:14:43 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.03.2013 07:14:43 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5703
 
Error - 31.03.2013 07:14:43 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5703
 
Error - 31.03.2013 09:26:32 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.03.2013 09:26:32 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3062
 
Error - 31.03.2013 09:26:32 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3062
 
Error - 31.03.2013 10:27:23 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.03.2013 10:27:23 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9750
 
Error - 31.03.2013 10:27:23 | Computer Name = USER-Laptop | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9750
 
[ System Events ]
Error - 13.03.2013 04:17:07 | Computer Name = USER-Laptop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070103 fehlgeschlagen: NVIDIA driver update for NVIDIA GeForce GT 540M
 
Error - 16.03.2013 09:09:19 | Computer Name = USER-Laptop | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?16.?03.?2013 um 00:24:52 unerwartet heruntergefahren.
 
Error - 18.03.2013 10:39:58 | Computer Name = USER-Laptop | Source = DCOM | ID = 10016
Description = 
 
Error - 25.03.2013 09:39:21 | Computer Name = USER-Laptop | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 25.03.2013 09:39:21 | Computer Name = USER-Laptop | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 26.03.2013 18:27:42 | Computer Name = USER-Laptop | Source = DCOM | ID = 10000
Description = 
 
Error - 27.03.2013 10:44:12 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010
Description = 
 
Error - 27.03.2013 10:44:12 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010
Description = 
 
Error - 31.03.2013 06:52:54 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010
Description = 
 
Error - 31.03.2013 06:52:54 | Computer Name = USER-Laptop | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
--- --- ---

Alt 04.04.2013, 11:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC sehr lahm & Taskmanager friert ein - Standard

PC sehr lahm & Taskmanager friert ein



Hallo,

Hast du noch weitere Logs (mit Funden)? Ist dein Virenscanner jemals fündig geworden?

Malwarebytes und/oder andere Virenscanner?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 04.04.2013, 19:30   #3
T0bbes
 
PC sehr lahm & Taskmanager friert ein - Standard

PC sehr lahm & Taskmanager friert ein



Nabend,

nein Kaspersky hat bisher noch nie angeschlagen. Es existieren keine weiteren Logs.
Habe Windows auch erst vor ein paar Wochen neu aufgesetzt.
__________________

Alt 04.04.2013, 23:28   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC sehr lahm & Taskmanager friert ein - Standard

PC sehr lahm & Taskmanager friert ein



Und zufälligerweise hast du das Problem seit der Neuinstallation oder wie? Bitte mehr Infos
Welches Betriebssystem war denn vor der Neuinstallation drauf
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 05.04.2013, 12:37   #5
T0bbes
 
PC sehr lahm & Taskmanager friert ein - Standard

PC sehr lahm & Taskmanager friert ein



Hatte vorher auch W8 Pro (64Bit) drauf.
Aber ich habe festgestellt, dass wenn Kaspersky ausgeschaltet ist, dass das System wesentlich besser läuft. Kasperksy hat irgendwelche Probleme mit Java. Immer wenn Java im Hintergrund läuft, wird es problematisch. Vielleicht sollte ich den Support von Kaspersky mal anschreiben - da kauft man sich eine Antiviren Software und bekommt mehr Probleme als vorher

Ich denke ich werde heute Ubuntu draufknallen. Aber dank dir


Alt 05.04.2013, 13:59   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC sehr lahm & Taskmanager friert ein - Standard

PC sehr lahm & Taskmanager friert ein



Typisch Security Suite, diese Teile sind die besten Systembremsen
__________________
--> PC sehr lahm & Taskmanager friert ein

Antwort

Themen zu PC sehr lahm & Taskmanager friert ein
auslastung, autorun, bho, bonjour, down, ebanking, error, firefox, flash player, format, helper, homepage, iexplore.exe, install.exe, installation, internet security 2013, kaspersky, kaspersky internet security 2013, klelam.sys, langsam, logfile, nvpciflt.sys, problem, registry, rundll, scan, security, sehr langsam, spotify web helper, starmoney, taskmanager, tastatur, visual studio, windows, wiso



Ähnliche Themen: PC sehr lahm & Taskmanager friert ein


  1. Pc sehr langsam und friert oft ein!
    Log-Analyse und Auswertung - 11.10.2014 (14)
  2. Programme starten sehr langsam / Windows allg. sehr lahm
    Log-Analyse und Auswertung - 18.05.2013 (2)
  3. Pc ist lahm - Mauszeiger blinkt - Anwendung friert ein...
    Log-Analyse und Auswertung - 28.11.2010 (3)
  4. PC sehr lahm bei geringer CPU Auslastung!
    Log-Analyse und Auswertung - 09.08.2010 (13)
  5. PC sehr lahm, Trojaner gemeldet.
    Log-Analyse und Auswertung - 05.03.2010 (12)
  6. Windows sehr Lahm
    Log-Analyse und Auswertung - 06.05.2009 (1)
  7. jump_help.exe etc..., Virus? - Rechner sehr lahm
    Plagegeister aller Art und deren Bekämpfung - 13.01.2009 (12)
  8. PC und Inet oft sehr lahm, mit log file
    Log-Analyse und Auswertung - 25.11.2008 (0)
  9. Programme sehr lahm beim schließen
    Log-Analyse und Auswertung - 15.11.2008 (1)
  10. PC sehr Lahm!
    Log-Analyse und Auswertung - 29.09.2008 (25)
  11. sehr viele unbekannte *dienste* im taskmanager
    Mülltonne - 24.09.2008 (0)
  12. PC nach Viren-/Trojanermeldung sehr lahm!
    Log-Analyse und Auswertung - 17.03.2008 (4)
  13. Könnt ihr mal drüber gucken? pc ist sehr lahm
    Mülltonne - 22.11.2007 (0)
  14. CPU 100%, XP SP2 lahm, friert ein
    Log-Analyse und Auswertung - 23.09.2007 (3)
  15. Rechner lahm,friert ein..Ursache?
    Plagegeister aller Art und deren Bekämpfung - 14.03.2007 (1)
  16. Pc Friert sehr häufig ein
    Alles rund um Windows - 16.01.2007 (8)
  17. DSL sehr lahm !!!!! Bitte um Hilfe !!!!!
    Log-Analyse und Auswertung - 02.02.2006 (1)

Zum Thema PC sehr lahm & Taskmanager friert ein - Hallo, vorab, ich sollte zukünftig nur noch in VirtualBox arbeiten Mein Problem besteht im folgendem: Ich merke meinem PC zwischendurch einfach an, dass er sehr langsam und zäh ist. Wenn - PC sehr lahm & Taskmanager friert ein...
Archiv
Du betrachtest: PC sehr lahm & Taskmanager friert ein auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.