pc nach registry cleaner sehr langsam

sofces · 14.08.2013, 16:34

Hallo liebes Board,

ich bin "leider" ein ziemlicher Laie und habe die Dummheit begangen eine Freeware vom registry cleaner über mein System laufen zu lassen :-(. Und nun habe ich das Problem, das mein Rechner gerade beim Aufbau der Internetseiten sehr langsam ist.

Ich kopiere euch mal die Einzelheiten rein:
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-08-2013
Ran by sofia (administrator) on 14-08-2013 13:44:09
Running from H:\trojaner
Microsoft Windows 8 Pro (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) ===================
 
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira GmbH) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe
() C:\Windows\system32\PSIService.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe
() C:\Windows\SYSTEM32\Rezip.exe
() C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6609440 2008-10-31] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-10-31] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1557800 2009-08-28] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [PDFPrint] - C:\Program Files\pdf24\pdf24.exe [162856 2013-06-10] (Geek Software GmbH)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [OutlookOnDesktop] - C:\Program Files\Outlook on the Desktop\OutlookDesktop.exe [265728 2012-06-28] (SMR Computer Services)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-06-11] (Google Inc.)
HKCU\...\Run: [Spotify] - C:\Users\sofia\AppData\Roaming\Spotify\Spotify.exe [7880664 2012-11-29] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\sofia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-29] (Spotify Ltd)
HKCU\...\Run: [SCheck] - C:\Users\sofia\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] ()
HKCU\...\Run: [SSync] - C:\Users\sofia\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] ()
HKCU\...\Run: [DataMgr] - C:\Users\sofia\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.)
HKCU\...\Run: [Intermediate] - C:\Users\sofia\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] ()
HKU\sofia online\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-06-11] (Google Inc.)
HKU\sofia online\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [ 2012-07-26] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.piccshare.com/search.php?channel=sfde307&q={searchTerms}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=VD&o=14770&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=V9&apn_dtid=YYYYYYYYDE&apn_uid=2BF0A51B-78A3-4926-BF2E-CE4FDB4B4CF3&apn_sauid=D182E7AB-955F-4CB2-902B-1E119B286534
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.piccshare.com/search.php?channel=sfde307&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\sofia\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No File
DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} https://vpn.kuhnrikon.ch:444/XTSAC.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 
FireFox:
========
FF ProfilePath: C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default
FF user.js: detected! => C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\user.js
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll No File
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: NitroPDF - C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.2 - C:\Users\sofia\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\searchplugins\search_the_web.xml
FF SearchPlugin: C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\searchplugins\wot-safe-search.xml
FF Extension: No Name - C:\Users\sofia\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: CookieSafe - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\{9D23D0AA-D8F5-11DA-B3FC-0928ABF316DD}
FF Extension: WOT - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: ST-de3 Community Toolbar - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
FF Extension: ciuvo-extension - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\ciuvo-extension@sparwelt.de.xpi
FF Extension: ff_v0.6 - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\ff_v0.6@piccshare.com.xpi
FF Extension: gmailnoads - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\gmailnoads@mywebber.com.xpi
FF Extension: om - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\om@offermosquito.com.xpi
FF Extension: No Name - C:\Users\sofia\AppData\Roaming\Mozilla\Firefox\Profiles\e5yuzp84.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
 
Chrome: 
=======
CHR RestoreOnStartup: "hxxp://search.piccshare.com/?channel=sfde307"
CHR DefaultSearchURL: (Search the web) - hxxp://search.piccshare.com/search.php?channel=sfde307&q={searchTerms}
CHR DefaultSuggestURL: (Search the web) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll ( )
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.2) - C:\Users\sofia\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (PiccShare) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb\2.0_0
CHR Extension: (OfferMosquito) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.5_0
CHR Extension: (Gmail) - C:\Users\sofia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
 
========================== Services (Whitelisted) =================
 
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360 2011-04-29] (Avira GmbH)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480 2011-07-01] (Avira GmbH)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-10-09] (Flexera Software, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R3 MSSQL$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2565632 2011-10-24] (Deutsche Telekom AG)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [196912 2011-06-21] (Nitro PDF Software)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 resetWinService; C:\Program Files\Realtek Semiconductor Corp\Realtek USB 2.0 Card Reader\reset.exe [70656 2008-10-29] ()
R2 Rezip; C:\Windows\SYSTEM32\Rezip.exe [311296 2009-03-05] ()
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [247152 2009-02-25] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S4 SQLAgent$MSSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13344 2013-01-29] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-16] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-16] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [66616 2011-07-01] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [138192 2011-07-01] (Avira GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 MobileAdapter; C:\Windows\System32\DRIVERS\qscnusb.sys [103552 2009-09-17] (QUALCOMM Incorporated)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1799808 2008-12-29] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2010-06-17] (Avira GmbH)
S3 TelekomNM3; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM3.sys [35040 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 WINIO; C:\Windows\system32\WinIo.sys [9336 2007-01-04] (hxxp://www.internals.com)
R3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
U3 idsvc; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-08-14 13:22 - 2013-08-14 13:24 - 00000472 _____ C:\Users\sofia\Downloads\defogger_disable.log
2013-08-14 13:22 - 2013-08-14 13:22 - 00050477 _____ C:\Users\sofia\Downloads\Defogger.exe
2013-08-14 13:22 - 2013-08-14 13:22 - 00000000 _____ C:\Users\sofia\defogger_reenable
2013-08-14 12:45 - 2013-08-14 12:45 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 12:45 - 2013-08-14 12:45 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Malwarebytes
2013-08-14 12:45 - 2013-08-14 12:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 12:45 - 2013-08-14 12:45 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-14 12:45 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-14 12:44 - 2013-08-14 12:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sofia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-14 12:43 - 2013-08-14 12:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sofia\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-14 12:39 - 2013-08-14 12:39 - 00001175 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2013-08-14 11:34 - 2013-08-14 11:38 - 00002220 _____ C:\WINDOWS\system32\ASOROSet.bin
2013-08-14 11:34 - 2013-08-14 11:34 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2013-08-14 11:21 - 2013-08-14 11:22 - 16523960 _____ (Tracker Software Products Ltd ) C:\Users\sofia\Downloads\PDFXVwer_2.5.211(1).exe
2013-08-14 11:20 - 2013-08-14 11:20 - 16523960 _____ (Tracker Software Products Ltd ) C:\Users\sofia\Downloads\PDFXVwer_2.5.211.exe
2013-08-14 10:57 - 2013-08-14 13:44 - 00000000 ____D C:\Users\sofia\Desktop\PMs HW2013
2013-08-13 15:51 - 2013-08-13 15:51 - 00344034 _____ C:\Users\sofia\Downloads\Sammelmappe.zip
2013-08-13 11:03 - 2013-08-14 11:56 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Systweak
2013-08-13 11:03 - 2013-08-14 11:33 - 00000000 ____D C:\Program Files\MyPC Backup
2013-08-13 11:03 - 2013-02-28 16:27 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot.exe
2013-08-13 11:02 - 2013-08-13 11:02 - 04365864 _____ (Systweak Inc ) C:\Users\sofia\Downloads\rcpsetup_matomy_my2271.exe
2013-08-13 11:02 - 2013-08-13 11:02 - 04365864 _____ (Systweak Inc ) C:\Users\sofia\Downloads\rcpsetup_matomy_my2271 (1).exe
2013-08-08 10:58 - 2013-08-08 10:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-06 21:27 - 2013-08-06 21:27 - 00000017 _____ C:\Users\sofia\AppData\Local\resmon.resmoncfg
2013-08-06 21:08 - 2013-08-06 21:08 - 00000000 ____D C:\Users\sofia\Desktop\06.08.2013
2013-08-06 16:21 - 2013-08-06 16:21 - 03020664 _____ (Microsoft Corporation) C:\Users\sofia\Downloads\SyncToySetupPackage_v21_x86.exe
2013-08-06 16:02 - 2013-08-06 16:02 - 00122368 _____ C:\Users\sofia\Desktop\marken-matrix_228.xls
2013-08-06 16:01 - 2013-08-06 16:01 - 00122368 _____ C:\Users\sofia\Documents\marken-matrix_228.xls
2013-08-06 10:42 - 2013-08-06 14:40 - 00000862 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2013-08-06 10:41 - 2013-08-06 10:41 - 09277397 _____ C:\Users\sofia\Desktop\2013_Kuhn Rikon Neuheiten_HW.zip
2013-08-06 10:40 - 2013-08-06 10:41 - 02456418 _____ C:\Users\sofia\Downloads\7z930 (1).zip
2013-08-06 10:40 - 2013-08-06 10:40 - 00485379 _____ C:\Users\sofia\Desktop\split.zip
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\SSync
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\SCheck
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\PiccShare
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Intermediate
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\DataMgr
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Common
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Local\ext_piccshare
2013-08-06 10:38 - 2013-08-06 10:38 - 00392008 _____ (Softonic ) C:\Users\sofia\Downloads\SoftonicDownloader_fuer_7-zip.exe
2013-08-06 10:23 - 2013-08-06 10:28 - 02456418 _____ C:\Users\sofia\Downloads\7z930.zip
2013-08-06 09:35 - 2013-08-06 10:17 - 00000000 ____D C:\Users\sofia\Desktop\2013_Kuhn Rikon Neuheiten_HW
2013-07-24 18:54 - 2013-07-24 18:54 - 00000000 ____D C:\Users\sofia\Desktop\split
2013-07-24 18:45 - 2013-07-24 18:45 - 00000645 _____ C:\Users\sofia\Downloads\TerminExport_96733637tzc4115.ics
2013-07-22 22:57 - 2013-07-22 22:57 - 00117248 _____ C:\Users\sofia\Desktop\marken-matrix_1.xls
2013-07-21 15:24 - 2013-07-21 15:24 - 00047776 _____ C:\Users\sofia\AppData\Local\ext_piccshare_uninst.exe
2013-07-19 21:57 - 2013-06-17 00:33 - 00816896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-07-19 21:57 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-07-19 21:57 - 2013-06-01 12:09 - 00158976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-07-19 21:57 - 2013-06-01 12:09 - 00104704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-07-19 21:57 - 2013-06-01 11:50 - 01800960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-07-19 21:57 - 2013-06-01 11:42 - 00268032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-07-19 21:57 - 2013-06-01 11:42 - 00180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-07-19 21:57 - 2013-06-01 11:41 - 05573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-07-19 21:57 - 2013-06-01 11:41 - 00281344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-07-19 21:57 - 2013-06-01 11:26 - 00581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-07-19 21:57 - 2013-06-01 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-07-19 21:57 - 2013-06-01 11:25 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-07-19 21:57 - 2013-06-01 11:25 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-07-19 21:57 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-07-19 21:57 - 2013-06-01 11:25 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-07-19 21:57 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-07-19 21:57 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-07-19 21:57 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-07-19 21:57 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-07-19 21:57 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-07-19 21:57 - 2013-06-01 11:23 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-07-19 21:57 - 2013-06-01 11:23 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-07-19 21:57 - 2013-06-01 04:29 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2013-07-19 21:57 - 2013-05-25 00:08 - 01166232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-07-19 21:57 - 2013-05-25 00:08 - 01063960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-07-19 21:57 - 2013-05-25 00:08 - 01035512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-07-19 21:57 - 2013-05-25 00:08 - 00939448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-07-19 21:57 - 2013-05-20 02:08 - 00386642 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-07-19 00:25 - 2013-08-14 11:39 - 00467960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-18 10:33 - 2013-07-18 10:33 - 00000788 _____ C:\Users\sofia\Downloads\Verknüpfung mit Ferien Marketing 2013.xlsx.lnk
2013-07-16 13:03 - 2013-07-16 13:03 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-07-16 13:03 - 2013-07-16 13:03 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-07-16 13:03 - 2013-07-16 13:03 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
 
==================== One Month Modified Files and Folders =======
 
2013-08-14 13:44 - 2013-08-14 10:57 - 00000000 ____D C:\Users\sofia\Desktop\PMs HW2013
2013-08-14 13:38 - 2012-04-18 10:02 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-08-14 13:35 - 2013-08-14 13:35 - 00000000 ____D C:\FRST
2013-08-14 13:31 - 2012-11-03 11:17 - 01770584 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-14 13:29 - 2012-07-26 08:03 - 01352270 _____ C:\WINDOWS\setupact.log
2013-08-14 13:24 - 2013-08-14 13:22 - 00000472 _____ C:\Users\sofia\Downloads\defogger_disable.log
2013-08-14 13:22 - 2013-08-14 13:22 - 00050477 _____ C:\Users\sofia\Downloads\Defogger.exe
2013-08-14 13:22 - 2013-08-14 13:22 - 00000000 _____ C:\Users\sofia\defogger_reenable
2013-08-14 13:22 - 2012-11-03 10:52 - 00000000 ____D C:\Users\sofia
2013-08-14 13:18 - 2009-09-24 14:27 - 00000000 ___RD C:\Users\sofia\Desktop\BÜRO
2013-08-14 13:00 - 2012-07-26 08:53 - 00000000 ____D C:\WINDOWS\system32\sru
2013-08-14 12:55 - 2009-10-20 13:00 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-14 12:45 - 2013-08-14 12:45 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 12:45 - 2013-08-14 12:45 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Malwarebytes
2013-08-14 12:45 - 2013-08-14 12:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 12:45 - 2013-08-14 12:45 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-14 12:45 - 2013-08-14 12:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sofia\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-08-14 12:45 - 2013-08-14 12:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\sofia\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-14 12:43 - 2010-01-14 14:04 - 00000000 ____D C:\Users\sofia\Desktop\SOFTWARE
2013-08-14 12:39 - 2013-08-14 12:39 - 00001175 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2013-08-14 12:18 - 2009-10-20 13:00 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-14 12:17 - 2012-07-26 08:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-14 12:17 - 2009-06-10 14:30 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-14 12:16 - 2012-07-26 06:17 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-08-14 11:56 - 2013-08-13 11:03 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Systweak
2013-08-14 11:39 - 2013-07-19 00:25 - 00467960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-08-14 11:38 - 2013-08-14 11:34 - 00002220 _____ C:\WINDOWS\system32\ASOROSet.bin
2013-08-14 11:38 - 2012-11-03 10:46 - 00036852 _____ C:\WINDOWS\PFRO.log
2013-08-14 11:38 - 2012-07-26 06:17 - 84672512 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2013-08-14 11:38 - 2012-07-26 06:17 - 12320768 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2013-08-14 11:38 - 2012-07-26 06:17 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-08-14 11:36 - 2012-07-26 06:17 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2013-08-14 11:34 - 2013-08-14 11:34 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2013-08-14 11:33 - 2013-08-13 11:03 - 00000000 ____D C:\Program Files\MyPC Backup
2013-08-14 11:22 - 2013-08-14 11:21 - 16523960 _____ (Tracker Software Products Ltd ) C:\Users\sofia\Downloads\PDFXVwer_2.5.211(1).exe
2013-08-14 11:20 - 2013-08-14 11:20 - 16523960 _____ (Tracker Software Products Ltd ) C:\Users\sofia\Downloads\PDFXVwer_2.5.211.exe
2013-08-14 03:00 - 2012-07-26 08:53 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-13 16:25 - 2009-10-22 22:54 - 00000000 ____D C:\Users\sofia\AppData\Local\CutePDF Writer
2013-08-13 15:51 - 2013-08-13 15:51 - 00344034 _____ C:\Users\sofia\Downloads\Sammelmappe.zip
2013-08-13 11:02 - 2013-08-13 11:02 - 04365864 _____ (Systweak Inc ) C:\Users\sofia\Downloads\rcpsetup_matomy_my2271.exe
2013-08-13 11:02 - 2013-08-13 11:02 - 04365864 _____ (Systweak Inc ) C:\Users\sofia\Downloads\rcpsetup_matomy_my2271 (1).exe
2013-08-13 09:31 - 2012-05-07 09:02 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-09 12:29 - 2012-11-03 11:18 - 02082470 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-08 10:59 - 2013-08-08 10:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-06 21:27 - 2013-08-06 21:27 - 00000017 _____ C:\Users\sofia\AppData\Local\resmon.resmoncfg
2013-08-06 21:08 - 2013-08-06 21:08 - 00000000 ____D C:\Users\sofia\Desktop\06.08.2013
2013-08-06 16:21 - 2013-08-06 16:21 - 03020664 _____ (Microsoft Corporation) C:\Users\sofia\Downloads\SyncToySetupPackage_v21_x86.exe
2013-08-06 16:02 - 2013-08-06 16:02 - 00122368 _____ C:\Users\sofia\Desktop\marken-matrix_228.xls
2013-08-06 16:01 - 2013-08-06 16:01 - 00122368 _____ C:\Users\sofia\Documents\marken-matrix_228.xls
2013-08-06 14:40 - 2013-08-06 10:42 - 00000862 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2013-08-06 11:55 - 2012-07-26 08:53 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-08-06 10:41 - 2013-08-06 10:41 - 09277397 _____ C:\Users\sofia\Desktop\2013_Kuhn Rikon Neuheiten_HW.zip
2013-08-06 10:41 - 2013-08-06 10:40 - 02456418 _____ C:\Users\sofia\Downloads\7z930 (1).zip
2013-08-06 10:40 - 2013-08-06 10:40 - 00485379 _____ C:\Users\sofia\Desktop\split.zip
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\SSync
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\SCheck
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\PiccShare
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Intermediate
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\DataMgr
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Roaming\Common
2013-08-06 10:39 - 2013-08-06 10:39 - 00000000 ____D C:\Users\sofia\AppData\Local\ext_piccshare
2013-08-06 10:38 - 2013-08-06 10:38 - 00392008 _____ (Softonic ) C:\Users\sofia\Downloads\SoftonicDownloader_fuer_7-zip.exe
2013-08-06 10:38 - 2012-07-26 06:43 - 00000000 ___RD C:\Users\Public
2013-08-06 10:28 - 2013-08-06 10:23 - 02456418 _____ C:\Users\sofia\Downloads\7z930.zip
2013-08-06 10:17 - 2013-08-06 09:35 - 00000000 ____D C:\Users\sofia\Desktop\2013_Kuhn Rikon Neuheiten_HW
2013-07-24 18:54 - 2013-07-24 18:54 - 00000000 ____D C:\Users\sofia\Desktop\split
2013-07-24 18:45 - 2013-07-24 18:45 - 00000645 _____ C:\Users\sofia\Downloads\TerminExport_96733637tzc4115.ics
2013-07-22 22:57 - 2013-07-22 22:57 - 00117248 _____ C:\Users\sofia\Desktop\marken-matrix_1.xls
2013-07-21 15:24 - 2013-07-21 15:24 - 00047776 _____ C:\Users\sofia\AppData\Local\ext_piccshare_uninst.exe
2013-07-18 10:33 - 2013-07-18 10:33 - 00000788 _____ C:\Users\sofia\Downloads\Verknüpfung mit Ferien Marketing 2013.xlsx.lnk
2013-07-16 13:03 - 2013-07-16 13:03 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-07-16 13:03 - 2013-07-16 13:03 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-07-16 13:03 - 2013-07-16 13:03 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
2013-07-16 13:03 - 2013-03-13 10:24 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-07-16 13:03 - 2013-01-14 22:26 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-07-16 13:03 - 2013-01-14 22:26 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-07-16 13:03 - 2012-07-26 08:53 - 00002577 _____ C:\WINDOWS\system32\config.nt
2013-07-15 09:28 - 2009-08-13 21:31 - 00000000 ____D C:\Users\sofia\AppData\Local\Adobe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-08-13 10:49
 
==================== End Of Log ============================

--- --- ---
FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-08-2013
Ran by sofia at 2013-08-14 13:46:05
Running from H:\trojaner
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
12Voip (Version: 4.03 build 543)
7-Zip 9.30 alpha
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 3.7.0.1530)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7)
Adobe Shockwave Player 11 (Version: 11)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
aTube Catcher (Version: 2.2.562)
AudibleManager (Version: 18087308.4759644.48.2008298907)
Autodesk DirectConnect 2012 32-bit (Version: 6.0.432.0)
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Showcase 2012 32-bit - German (Version: 6.0.0.0)
avast! Pro Antivirus (Version: 8.0.1489.0)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.719)
Bing Bar (Version: 7.0.619.0)
Bonjour (Version: 3.0.0.10)
Business Contact Manager for Microsoft Outlook 2010 (Version: 4.0.11308.0)
Business Contact Manager für Microsoft Outlook 2010 (Version: 4.0.11308.0)
CheapVoip (Version: 4.05 build 565)
Chinese Simplified Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
Corel Home Office - IPM (Version: 5.0)
Corel Home Office - Launcher (Version: 5.0.45)
Corel Home Office - Templates1 (Version: 5)
Corel Home Office (Version: 5.0.56)
Corel Home Office 5.0.56
Corel Home Office 5.0.56 (Version: 5.0.56)
Corel Painter Essentials 4
Corel Painter Essentials 4 (Version: 4.0)
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content (Version: 4.0)
CorelDRAW Essentials 4 - Draw (Version: 4.0)
CorelDRAW Essentials 4 - Filters (Version: 4.0)
CorelDRAW Essentials 4 - ICA (Version: 4.0)
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0)
CorelDRAW Essentials 4 - Lang BR (Version: 4.0)
CorelDRAW Essentials 4 - Lang DE (Version: 4.0)
CorelDRAW Essentials 4 - Lang EN (Version: 4.0)
CorelDRAW Essentials 4 - Lang ES (Version: 4.0)
CorelDRAW Essentials 4 - Lang FR (Version: 4.0)
CorelDRAW Essentials 4 - Lang IT (Version: 4.0)
CorelDRAW Essentials 4 - Lang NL (Version: 4.0)
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0)
CorelDRAW Essentials 4 - Windows Shell Extension
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1)
CorelDRAW Essentials 4 (Version: 4.0)
CutePDF Writer 2.8
CyberLink MediaShow (Version: 4.1.2325)
CyberLink PhotoNow (Version: 1.1.5615)
CyberLink PowerDirector (Version: 7.0.2625)
CyberLink PowerDVD 8 (Version: 8.0.2606a)
CyberLink PowerProducer (Version: 5.0.1.1412)
CyberLink YouCam (Version: 2.0.2521)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Driver Whiz (Version: 8.0.1)
FileZilla Client 3.5.3 (Version: 3.5.3)
Foxlink Webcam (Version: 5.8.51000.202_WHQL)
Free FLV Converter V 6.92.0 (Version: 6.92.0.0)
Free PDF to Word Doc Converter v1.1 (Version: 1.1)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 28.0.1500.95)
Google Earth (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
iCloud (Version: 2.1.2.8)
Intel® Matrix Storage Manager
IrfanView (remove only) (Version: 4.27)
iTunes (Version: 11.0.4.4)
Java Auto Updater (Version: 2.0.2.4)
Java(TM) 6 Update 22 (Version: 6.0.220)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
McAfee Security Scan Plus (Version: 3.0.318.3)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (Version: 3.5.0.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework 2.0 Core Components (x86) ENU (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU (Version: 2.0.1578.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft® Office Language Pack 2010 – Deutsch (Business Contact Manager für Microsoft Outlook 2010) (Version: 4.0.11308.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 23.0 (x86 de) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 Essentials (Version: 8.3.124)
neroxml (Version: 1.0.0)
Netzmanager (Version: 1.07)
Nitro PDF Reader 2 (Version: 2.0.0.29)
NVIDIA 3D Vision Treiber 311.00 (Version: 311.00)
NVIDIA Drivers (Version: 1.3)
NVIDIA Grafiktreiber 311.00 (Version: 311.00)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1100)
NVIDIA Systemsteuerung 311.00 (Version: 311.00)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
Outlook on the Desktop 2.0.2
Palm Desktop (Version: 4.1.0410)
PDF Password Remover (Version: 1.0.6)
PDF24 Creator 5.6.0
PDF-Viewer (Version: 2.5.211.0)
PiccShare (HKCU Version: 2.0)
QuickTime (Version: 7.74.80.86)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader (Version: 6.0.6000.20111)
REALTEK Wireless LAN Driver (Version: 1.01.0092)
Saal Design Software (Version: 2.9.2)
Service Pack 1 für SQL Server 2008 (KB 968369) (Version: 10.1.2531.0)
SimpleOCR 3.1
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.3 (Version: 6.3.105)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
Spybot - Search & Destroy (Version: 1.6.2)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
Synaptics Pointing Device Driver (Version: 14.0.3.0)
SyncToy 2.1 (x86) (Version: 2.1.0)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (Version: 10.1.2531.0)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WISO Sparbuch 2010 (Version: 17.00.6531)
Yahoo! BrowserPlus 2.9.2
Yahoo! Software Update
 
 
==================== Restore Points =========================
 
13-08-2013 07:34:35 Windows-Sicherung
 
==================== Hosts content: ==========================
 
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0270C198-FB19-48E6-9750-0CC6E34CE113} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe No File
Task: {078F5C38-7F63-4BC2-B8B1-27D692814C5E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {0796F786-806F-4CA2-833F-DA1487A9FD01} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {0AE0C8B5-90DB-47EB-B632-95E59E61B59D} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3288982897-3909009238-839595945-1000
Task: {0E78FEE0-C387-4530-AC36-4D46887FBFD5} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {0F8F316B-405C-44D8-8032-97F77DC9E4AC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe No File
Task: {0FB9F3EA-4F42-41A0-B8CE-06CDEF09B849} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {109CF813-B285-4791-A244-FA5110F55C12} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {159DA30B-9B91-4267-A71F-5B7ACC15230D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {171B7BC3-A515-4D4F-9732-311C3FD36A85} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2012-07-26] (Microsoft Corp.)
Task: {174644D4-4E5F-4B13-893F-DC718163E165} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1D33AC64-01F5-45AE-BD2E-26353C7599BC} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {1D8927FA-4199-4D3A-9F4F-E348387FD9D0} - System32\Tasks\{A19B7C7B-F8A6-4112-921E-1BCADE2F6B7C} => c:\program files\google\chrome\application\chrome.exe [2013-07-25] (Google Inc.)
Task: {1E84DCB8-8C84-4436-A108-209A65086823} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1ED94071-F1F2-4502-8E18-082294AD574C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-20] (Google Inc.)
Task: {21EBABC3-315E-4262-91EA-833D48E9208B} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {2208A2E0-B4BE-4B52-B7BF-3BE41B271B4A} - System32\Tasks\{6228C9C6-2E2E-496E-8CE6-F7E4DD27A76B} => c:\program files\mozilla firefox\firefox.exe [2013-08-08] (Mozilla Corporation)
Task: {23F45838-8319-49EE-AAB0-0C968240EA55} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe No File
Task: {2E2779D8-FE83-4DB0-9B29-5EC7364770C6} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {307D6D3E-9D87-4CFD-B668-C60E8C86B0E3} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {311C4CC9-7320-42AB-B437-C1D02EEB6587} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {326AE943-DF1D-4FBF-BF9F-D753F8C36458} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {342D8E10-501F-4B38-A4C0-F2DE193B46E9} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {363B18FF-B363-4665-B1C4-DD7823139C45} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {3799C698-B9E2-4D51-86FC-B9B20E8DEF91} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {37A0D0CB-B025-47D8-B493-5CDC6AEB693A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe No File
Task: {3979CF68-CD08-46D3-A340-CB769AE09013} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {3B292858-FAAA-4B61-9C76-6902AEB7607B} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {3EC42D4C-09B0-49D9-A6A8-F2E1A94C0A74} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {3F232775-0F50-4B97-8DA6-869D8D7B230E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {4294B8A6-13BD-4733-8559-C8D558B6F597} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {44E19131-88E9-4238-9DCD-22306E438BB1} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {4600BAB0-9341-408D-BF70-FB879F3B6313} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {4F2DA3E8-0B43-47C0-8811-45ECA435391F} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {4F8AF254-7C47-4AC8-8632-6F00311A4AAB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe No File
Task: {52D0B73A-E562-4EBC-826D-BC5556205042} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2013-01-29] (Microsoft Corporation)
Task: {545C008C-4471-44F8-AD15-96CB8BB2BB0C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs No File
Task: {56F59500-C4D1-4720-859F-13B4998AA792} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {5B88CA1D-EEEA-4BAC-9E36-D94BA7D5CC37} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {6495D7D8-52C0-4309-9097-247A7B9574CC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {664AA69D-F11E-4F9C-8328-D574EB576FE0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {67FF304D-1A11-4CB0-909A-A92DCFD95294} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {68070BBC-F2DE-4476-95C6-C2ED1ECE3D0F} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {696E9F7C-E751-47D9-9791-0192331FC3C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {74748E76-21FC-465C-ABE1-5E465834A900} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {753C8596-7415-46D3-AF5E-9EEC299E7D90} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {781B2499-1592-4F07-B755-AFE02F274C12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-20] (Google Inc.)
Task: {7A233FA1-BA48-4A98-8E89-81048ECDF007} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14] (Sun Microsystems, Inc.)
Task: {7B06BFC0-AD06-4F68-A54A-6F4D8EB83E15} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {7EBC5A66-ABD2-4B81-872F-BC7CA4AD5D55} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {837C8054-4C4D-4E56-9928-22ABBED3886B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe No File
Task: {886054F9-9A0F-4A6E-9B13-91D1A41DD236} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe No File
Task: {8E694376-21AC-46FA-8E80-C453341417E4} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {8E9D9160-D73E-454B-B184-6CE03F6C21D5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe No File
Task: {973628F1-FAD0-487A-B3EC-A318007483E8} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {978FDBFC-3290-4820-81A4-6CA284D418B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15] (Adobe Systems Incorporated)
Task: {992F9DFB-9A07-48C0-A83D-C34A1EC78BDB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {99768757-32DC-4E02-BE1E-2FE4783695EE} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {9A2E3E03-5CFE-4FE4-8E7E-B6E96AB0B8EC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {9C3ADA14-4FAF-445F-B971-A69F60A7C497} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {9D175E12-DB50-4682-9F62-F923B154AA57} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9D5AA398-7CB2-455C-95EF-5A7ED07B24D9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {A014EC55-F9EB-479D-9F4C-ACBE30C9E949} - System32\Tasks\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync
Task: {A8F39468-E5AC-4B26-9D74-B0F0A3B77579} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {ACB6E57E-BC06-4080-A58A-2E02E261B996} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {AFE9EACD-AC61-4642-A077-BB06D1147FC5} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {B53AA897-6672-4F85-A4B9-AE882973AD46} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {BA77EDB3-8D46-4DC6-ACC0-D6FF2FE23DCC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe No File
Task: {BB4910D3-79D9-461E-AC1B-915B8E8672A3} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BBDB1C6E-3286-4598-A6E2-0ECC3BD22536} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe No File
Task: {BC858B0C-7D0F-436F-B08B-50D51DF74306} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {C465A656-3917-43C0-B40A-4EBBE8708BB9} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {C66B8D31-A32F-4AF7-800E-475B2C2BE27D} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {C7B00221-71A0-4FB5-84F5-F1A8A2CA1B2A} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {C843F0C3-3F44-41E4-8FEB-34EAD1160C89} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {C84A55E1-E867-403B-A4D2-176ED94B2178} - System32\Tasks\{262A33A1-D76F-4FB9-B456-4313A36DDF31} => C:\Program Files\Skype\Phone\Skype.exe [2013-02-28] (Skype Technologies S.A.)
Task: {C8DE9F61-0A93-4CC6-BAC2-C3C9528D200A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D1926625-02AF-40E5-9B62-003E87DA60F9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe No File
Task: {D1CDD09C-5F29-4A7F-8FB4-897B439CC9A9} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {D51F96D0-CA9A-496B-9992-9B359757AC62} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe No File
Task: {D6D04EEE-AB07-433D-93B2-0D3548F7BA21} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\WINDOWS\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {DB093196-5CB8-45FD-BBA3-4C9CB50DCE6A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe No File
Task: {E3F2C42C-4547-49CD-A14F-FDDA37794A75} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {E3FC5136-FFFE-42DA-BB1D-6C62CAEB4585} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {E438CEF2-684E-468B-881B-A52C35F217F7} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe No File
Task: {E4457445-9B65-4180-972E-FC145976C891} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2012-07-26] (Microsoft Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs No File
Task: {E5C1E036-C272-46B7-ACD6-57623D1D3AFE} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-20] (Google)
Task: {E60C98D3-B41B-482A-AC61-DD19EDF2841D} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {E690E062-74AF-4130-AD4F-B0136657EB58} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe No File
Task: {EF851A8F-9E3F-4C82-B2B3-8ACB914BA2CF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe No File
Task: {EF9592CE-7796-47A6-9CD5-8630640D45BB} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {EFAD8DF8-44CC-49E8-943D-2641B487C103} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {F273F7E8-98FA-47D0-BFE3-8B71C8C3E9A8} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {F413C755-E3DC-4075-BB1E-AC60C1CA9AEA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {F5157BEF-37D9-4CAC-B0B5-624D2B289C84} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {F5A5C008-E08E-469D-9056-87E487ADF401} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe No File
Task: {F69E710E-D481-4685-9A82-C1B0C2369EB5} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {F6E06073-27B2-48BB-8FA1-AAA8B50066D0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/13/2013 09:48:38 AM) (Source: Windows Backup) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
 
Error: (08/09/2013 00:29:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10343
 
Error: (08/09/2013 00:29:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10343
 
Error: (08/09/2013 00:29:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/09/2013 00:28:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8907
 
Error: (08/09/2013 00:28:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8907
 
Error: (08/09/2013 00:28:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/09/2013 00:28:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7488
 
Error: (08/09/2013 00:28:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7488
 
Error: (08/09/2013 00:28:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/14/2013 00:17:10 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
 
Error: (08/14/2013 11:39:44 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a29\??\C:\Users\sofia\ntuser.dat
 
Error: (08/14/2013 11:38:47 AM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
 
Error: (08/14/2013 11:38:47 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
 
Error: (08/14/2013 11:37:59 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0x8000002a50\Device\HarddiskVolume1\Users\sofia\NTUSER.DAT.sav
 
Error: (08/14/2013 11:37:18 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
 
Error: (08/13/2013 09:23:28 AM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
 
Error: (08/13/2013 09:23:48 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎08.‎08.‎2013 um 18:01:07 unerwartet heruntergefahren.
 
Error: (08/08/2013 06:28:37 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4
 
Error: (08/08/2013 11:55:34 AM) (Source: DCOM) (User: sofia-PC)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
 
 
Microsoft Office Sessions:
=========================
Error: (08/13/2013 09:48:38 AM) (Source: Windows Backup)(User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)
 
Error: (08/09/2013 00:29:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10343
 
Error: (08/09/2013 00:29:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10343
 
Error: (08/09/2013 00:29:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/09/2013 00:28:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8907
 
Error: (08/09/2013 00:28:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8907
 
Error: (08/09/2013 00:28:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/09/2013 00:28:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7488
 
Error: (08/09/2013 00:28:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7488
 
Error: (08/09/2013 00:28:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
Date: 2013-07-31 12:17:32.282
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:32.184
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:32.136
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:31.737
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:31.608
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:31.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:29.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-31 12:17:27.570
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-15 09:51:16.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
Date: 2013-07-15 09:51:15.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 56%
Total physical RAM: 3066.87 MB
Available physical RAM: 1332.83 MB
Total Pagefile: 6138.87 MB
Available Pagefile: 4082.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1854.16 MB
 
==================== Drives ================================
 
Drive c: (BOOT) (Fixed) (Total:268.79 GB) (Free:172.23 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive h: () (Removable) (Total:1.97 GB) (Free:1.6 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: BA31E1B6)
Partition 1: (Active) - (Size=269 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29 GB) - (Type=0C)
 
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 009E6679)
Partition 1: (Active) - (Size=2 GB) - (Type=06)
 
==================== End Of Log ============================

--- --- ---

Was kann ich tun, damit mein System wieder schneller wird?

Herzlichen Dank schon mal für die Hilfe!!!!

ryder · 14.08.2013, 17:07

!! Hinweis an Mitlesende !!
Dieses Thema und die Anweisungen sind nur für diesen speziellen Fall gedacht.
Sie könnten andere Computer schwer beschädigen. Öffnet bitte euer eigenes Thema.

Ich werde dir bei deinem Problem helfen. Die Bereinigung funktioniert nur, wenn du dich an die folgenden Regeln hälst:

Bitte lesen:
Regeln für die Bereinigung

Illegal genutzte Software
Beim ersten Anzeichen wird der Support ohne Diskussion eingestellt. Also sorge bitte vorher dafür, dass hier nichts mehr auftaucht.
Keine Garantie
Wir werden uns Mühe geben, aber einen 100% sicheren und sauberen Computer bekommst du nicht zurück. Der einzig sichere Weg ist die Formatierung mit Neuaufsetzen.
Keine Alleingänge
Die Bereinigung funktioniert nur, wenn du genau das machst, was ich anweise. Installiere/deinstalliere keine Software, führe keine Scans durch, die ich dir nicht angewiesen habe. Poste dein Thema in keinem anderen Forum und folge nicht den Anweisungen anderer Helfer. Du raubst damit allen Beteiligten nur Zeit.
Aufmerksam lesen und nachfragen
Lies jede Anleitung genau durch. Bei Unklarheiten bitte vorher nachfragen. Arbeite die Schritte in der Reihenfolge ab und antworte dann erst nach dem letzten Schritt oder wenn du eine Frage hast.
Richtig antworten
- Nachdem du alle Schritte abgearbeitet hast gibst du mir bitte zu jedem Schritt eine Rückmeldung (Logfile oder Antwort) und das gesammelt in einer Antwort.
- Mache deinen Namen nur dann unkenntlich, wenn es wirklich sein muss. Denke bitte aber auch daran, dass wir diesen Thread und deine Logfiles nachträglich nicht editieren werden! (siehe LINK)
- Logfiles bitte zwischen Code-Tags platzieren (im Antwortfenster das #-Symbol anklicken) sieht dann so aus:
  [CODE] (Logfile) [/CODE]
- Hinweis in eigener Sache: Angehängte oder gezippte Logfiles erschweren mir die Arbeit massiv! Mache das also nur, wenn das Logfile zu groß ist, um es direkt zu posten. (Hier gibt es eine Anleitung)
Keine privaten Nachrichten
Ich sehe es, wenn du geantwortet hast, du mußt mich nicht benachrichtigen. Schicke mir nur dann eine PM wenn ich drei Tage nicht geantwortet habe und nur dann.
Wie läuft die Bereinigung ab?
Ganz grob: Analyse > Bereinigung > Kontrolle mit Updates > Fertig. Ob fertig oder nicht werde ich dir ganz deutlich mitteilen, du brauchst nicht nachzufragen.

Schritt 1: (Erinnerung: Antworte mir erst, wenn du alle Schritte abgearbeitet hast!)
Deinstallation von Programmen

Windows XP: Start > Systemsteuerung > Software > [Programmname] > Deinstallieren

Windows Vista / 7: Start > Systemsteuerung > Programme und Funktionen > [Programmname] > Deinstallieren

ggf. Neustart zulassen

Deinstalliere - falls du es nicht absichtlich installiert hast - alles was den Zusatz "Toolbar" enthält, sowie Downloader-Anwendungen (z.B. jDownloader).

Gehe bitte die folgende Liste durch und deinstalliere die genannten Programme, falls vorhanden:
Registry-Cleaner Software, TuneUp Utilities (inkl. Language Pack), Glary Utilities, Spybot S & D (inklusive Teatimer), Zonealarm Firewall (ist unnötig), McAfee Security Scan, Spyware Hunter, Spyware Terminator, Java 6 (alle Varianten, Java 7 kann bleiben), Pokersoftware, xp-Antispy, Hotspot Shield, iLivid, Amazon Icon, DriverEasy, Advanced Driver Updater,Advanced System Protector, RegClean Pro, Advanced System Optimizer, DriverCure, Uniblue DriverScanner, FireJump, SearchAnonymizer, SpeedMaxPC, Optimzer Pro, Webcake, OpenCandy, Zip Opener, WinZipper, Open It!

Ich persönlich empfehle auch alles zu deinstallieren, was mit Bing zu tun hat (Bing Desktop, -toolbar), aber das ist deine Entscheidung.

Schritt 2:
AdwCleaner: Werbeprogramme suchen und löschen

Achtung! Lade dir keinenfalls den ZipOpener herunter.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3:
Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32bit oder FRST 64bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Scan.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ryder · 16.08.2013, 09:34

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomm ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst. Keine Logfiles einsenden, nur kurzer Hinweis, nachdem du deine Logfiles hier eingestellt hast.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen

pc nach registry cleaner sehr langsam

Log-Analyse und Auswertung: pc nach registry cleaner sehr langsam