Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich.

Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich.


Plagegeister aller Art und deren Bekämpfung: Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 09.08.2014, 11:45   #1
Geister_Hugo
 
Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich. - Standard

Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich.


Hallo liebes Trojaner-Board Team,

seit einiger Zeit jammert die Freundin, dass ihr Laptop von Tag zu Tag langsamer wird, neulich hat sie ihn gestartet und wollte ihre Mails im Internet abrufen, doch er hängte sich einfach auf.
Ab und zu wenn man den Laptop Startet erscheint statt dem üblichen Desktop nur ein roter hintergrund und man kann nichts machen, also es erscheinen weder Symbolleiste noch die Icons vom Desktop.
Ich hoffe mal dass es sich nicht um schädliche Software hadelt und ich das System nicht neu aufsetzen muss :'(

Ich habe also die geforderten 4 Schritte durchgearbeitet, es gab nur beim "Gmer" probleme ->
Es gab einen Bluescreen, darauf folgte ein absturz. Nachdem der Rechner neu gestartet hatte, probierte ich es ohne den hacken bei Devices, allerdings mit dem selben Ergebniss.
Also habe ich das Ganze nocheinmal im Abgesicherten Modus ausgeführt (mit dem Hacken bei Devices). Dann hat es auch funktioniert....

Danke schon mal für Eure bemühungen ud ich hoffe ich hab das Thema unter der richtigen Kategorie geöffnet.

ach ja hier noch die logfiles:

-defogger

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:06 on 09/08/2014 (Katha)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

-Farbar recovery scan

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:9-08-2014
Ran by Katha (administrator) on KATHA-PC on 09-08-2014 11:08:51
Running from C:\Users\Katha\Desktop\Heiko
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
() C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\System32\ASUSTPE.exe
() C:\Windows\ASScrPro.exe
(Nokia) C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1662933009-2604913735-171526612-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-1662933009-2604913735-171526612-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1662933009-2604913735-171526612-1000\...\Run: [WindowsSystemGuard] => C:\Users\Public\winsvcn.exe
HKU\S-1-5-21-1662933009-2604913735-171526612-1000\...\MountPoints2: {a040b092-ee0d-11dd-a9d6-806e6f6e6963} - F:\programs\nu2menu\nu2menu.exe
HKU\S-1-5-21-1662933009-2604913735-171526612-1000\...\MountPoints2: {a7e122db-4ac9-11de-9e37-002354178a3c} - F:\preinst.exe
Startup: C:\Users\Katha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
ShortcutTarget: OpenOffice.org 2.0.lnk -> C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (No File)
ShellIconOverlayIdentifiers: ADSMOverlayIcon -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
ShellIconOverlayIdentifiers: ADSMOverlayIcon1 -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
URLSearchHook: HKCU - Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - DefaultScope {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=6e8666cd-6e9b-4e01-9a40-01b354c9a802&apn_sauid=B71CD49C-99FF-4B92-8A38-2BFD345B6881
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=6e8666cd-6e9b-4e01-9a40-01b354c9a802&apn_sauid=B71CD49C-99FF-4B92-8A38-2BFD345B6881
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {8C3B6CC3-82C5-4B44-926B-31D0038A4D8A} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DealPly -> {EF7BD87A-8024-11E2-F316-F3E56188709B} -> C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "no_proxies_on", "eumex.ip,*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DealPly Shopping - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\Extensions\amo@dealplyshopping.com [2013-03-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Katha\AppData\Roaming\Mozilla\Firefox\Profiles\953o26is.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-28]
FF HKLM\...\Firefox\Extensions: [{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension [2010-08-14]
FF HKLM\...\Thunderbird\Extensions: [{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}] - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension [2010-08-14]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-08-06]
CHR HKLM\...\Chrome\Extension: [fmfnfnpmhcllokmkepffndflpnadjmma] - C:\Program Files\DealPly\DealPly.crx [2013-03-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [73728 2007-05-18] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-03] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-23] (APN LLC.)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-06] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2008-12-25] ()
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277736 2008-07-30] (Protect Software GmbH)
R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [29752 2007-08-11] (Windows (R) Codename Longhorn DDK provider)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 CSRBC; C:\Windows\System32\Drivers\rider32.sys [31744 2011-02-09] (CSR plc.)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [20936 2007-08-03] ()
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-02-11] (MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2005-02-11] (MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2005-02-11] (MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2005-02-11] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-02-11] (MCCI)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
S3 SIVDRIVER; C:\Windows\system32\Drivers\SIVX32.sys [19944 2007-02-24] (Ray Hinchliffe)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1769984 2007-10-01] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-07-29] (Avira GmbH)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 11:08 - 2014-08-09 11:08 - 00000000 ____D () C:\FRST
2014-08-09 11:06 - 2014-08-09 11:06 - 00000000 _____ () C:\Users\Katha\defogger_reenable

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-09 11:08 - 2014-08-09 11:08 - 00000000 ____D () C:\FRST
2014-08-09 11:08 - 2011-04-26 21:24 - 00000000 ____D () C:\Users\Katha\Desktop\Heiko
2014-08-09 11:06 - 2014-08-09 11:06 - 00000000 _____ () C:\Users\Katha\defogger_reenable
2014-08-09 11:06 - 2008-11-23 21:29 - 00000000 ____D () C:\Users\Katha
2014-08-09 11:01 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-09 11:01 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-09 11:00 - 2012-07-06 21:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-09 10:02 - 2010-04-05 13:17 - 01380194 _____ () C:\Windows\WindowsUpdate.log
2014-08-09 09:55 - 2008-11-23 22:03 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{C676DC56-B1D4-4878-9B04-4C330694D5DB}.job
2014-08-09 09:52 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-08 04:49 - 2008-11-19 20:42 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-08-08 04:49 - 2006-11-02 15:01 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-07 20:33 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-08-07 19:27 - 2010-02-27 13:57 - 00000000 ____D () C:\Users\Katha\AppData\Roaming\vlc
2014-08-07 19:27 - 2008-11-22 21:08 - 00030208 _____ () C:\Users\Katha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-07 19:27 - 2006-11-02 12:33 - 01445310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 18:37 - 2014-05-13 09:00 - 00000000 ____D () C:\Users\Katha\Desktop\Meister
2014-08-01 17:55 - 2013-05-20 18:39 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-01 16:12 - 2014-06-22 11:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 16:10 - 2013-06-15 15:38 - 00016384 _____ () C:\Users\Katha\Desktop\Abnehmplan.xls
2014-07-17 17:17 - 2009-03-24 14:37 - 00000680 _____ () C:\Users\Katha\AppData\Local\d3d9caps.dat
2014-07-16 22:23 - 2013-06-12 16:29 - 00014889 _____ () C:\Windows\setupact.log
2014-07-11 20:00 - 2012-07-06 21:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-11 20:00 - 2011-06-30 12:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Katha\AppData\Local\Temp\AskSLib.dll
C:\Users\Katha\AppData\Local\Temp\avgnt.exe
C:\Users\Katha\AppData\Local\Temp\callhelp.exe
C:\Users\Katha\AppData\Local\Temp\drm_dyndata_7340014.dll
C:\Users\Katha\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Katha\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Katha\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Katha\AppData\Local\Temp\_is1BF3.exe
C:\Users\Katha\AppData\Local\Temp\_isFEC7.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-09 09:59

==================== End Of Log ============================

-die Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:9-08-2014
Ran by Katha at 2014-08-09 11:09:25
Running from C:\Users\Katha\Desktop\Heiko
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
AGEIA PhysX v7.11.13 (HKLM\...\{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}) (Version: 7.11.13 - AGEIA Technologies, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0007 - ASUS)
ASUS Data Security Manager (HKLM\...\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}) (Version: 1.00.0006 - ASUS)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.10 - ASUS)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.6 - ASUS)
ASUS Power4Gear eXtreme (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.0.18 - ASUS)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0005 - ASUS)
ASUS Touch Pad Extra (HKLM\...\{DB891739-2EB3-45A8-9CBD-941C255CECD4}) (Version:  - )
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0008 - ASUS)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{5EB5EEA7-6432-5827-0080-899DA70A97BA}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0012 - ATK)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0000 - ASUS)
ATKOSD2 (HKLM\...\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}) (Version: 6.64.1.4 - ATK)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-00A7-A758B70C0F05}) (Version: 12.15.5.1034 - APN, LLC)
Brother MFL-Pro Suite (HKLM\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.)
Cardo Updater (HKLM\...\Cardo Updater_is1) (Version:  - Cardo Systems, Inc.)
Catalyst Control Center Core Implementation (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0309.2141.36947 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0309.2141.36947 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Czech (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Danish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Dutch (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help English (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Finnish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help French (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help German (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Greek (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Italian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Japanese (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Korean (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Polish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Russian (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Spanish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Swedish (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Thai (Version: 2008.0309.2140.36947 - ATI) Hidden
CCC Help Turkish (Version: 2008.0309.2140.36947 - ATI) Hidden
ccc-Branding (HKLM\...\{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0309.2141.36947 - ATI) Hidden
ccc-utility (Version: 2008.0309.2141.36947 - ATI) Hidden
CCleaner (remove only) (HKLM\...\CCleaner) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.0.2908 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.1924 - CyberLink Corp.)
CyberLink Power2Go (Version: 6.0.1924 - CyberLink Corp.) Hidden
DealPly (HKCU\...\DealPly) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM\...\DealPly) (Version: 4.8.6.1 - DealPly Technologies Ltd.) <==== ATTENTION
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version:  - )
DR.Tool Gehirn Sport (HKLM\...\DR.Tool Gehirn Sport) (Version:  - )
Efficient WMA MP3 Converter v0.98 (HKLM\...\Efficient WMA MP3 Converter_is1) (Version:  - )
Express Gate (HKLM\...\{27D51A76-371D-48B6-B06E-4137A15B7583}) (Version: 0.7.7.0 - devicevm)
Gehirnjogging - Special Edition (HKLM\...\Gehirnjogging - Special Edition) (Version: 1.0 - SBT)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Landwirtschafts Simulator 2008 (HKLM\...\FarmingSimulator2008_is1) (Version:  - astragon Software GmbH)
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
NB Probe (HKLM\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
Need for Speed™ ProStreet (HKLM\...\{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}) (Version: 1.0.1.0 - Electronic Arts)
Ovi Desktop Sync Engine (Version: 1.4.78.0 - Nokia) Hidden
OviMPlatform (Version: 2.6.195.0 - Nokia) Hidden
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
QuickTime (HKLM\...\{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}) (Version: 7.66.71.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5543 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
RTL Biathlon 2009 (HKLM\...\RTL Biathlon 2009) (Version:  - )
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM\...\SLABCOMM&10C4&EA60) (Version:  - )
SimCity™ Societies (HKLM\...\{0B5154C0-8F00-4616-B0AB-6240AE80D9CE}) (Version: 1.0.0.0 - Electronic Arts)
Skins (Version: 2008.0309.2141.36947 - ATI) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
Visitenkarten in 2 Minuten (HKLM\...\Visitenkarten in 2 Minuten) (Version:  - )
VLC media player 1.0.5 (HKLM\...\VLC media player) (Version: 1.0.5 - VideoLAN Team)
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version:  - )
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-08-2014 08:00:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0864F149-A2B5-418C-8B8C-42ED13B2D287} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {12B92BF9-7727-4623-A757-A03E2BC854C1} - System32\Tasks\DealPly => C:\Users\Katha\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-02-27] () <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4163501D-FEB8-460A-BAA6-01E61151DBA6} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Katha => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {606FB28D-EF40-4540-BFDE-49F320B96AD0} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {6338BB25-A384-4532-B8FB-74F8468C07EC} - System32\Tasks\DealPlyUpdate => C:\Program
Task: {75C9ACB2-EF03-4FB7-818A-B57C77208730} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-11] (Adobe Systems Incorporated)
Task: {CD77B242-0FDC-45CF-A6A7-9BFC0C39B7FF} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-06-18] (ASUS)
Task: {DAD7F78A-F3ED-4201-BC98-17EE5ED55B63} - System32\Tasks\DSite => C:\Users\Katha\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{C676DC56-B1D4-4878-9B04-4C330694D5DB}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-09-22 08:19 - 2007-05-18 11:31 - 00073728 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
2008-09-22 07:58 - 2007-02-06 03:13 - 00094208 _____ () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2008-09-22 08:18 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2008-09-22 08:19 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
2008-09-22 08:19 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
2003-07-11 03:09 - 2003-07-11 03:09 - 00048192 _____ () C:\Program Files\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2008-09-22 08:19 - 2007-08-08 11:52 - 00331776 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll
2008-02-04 22:29 - 2008-02-04 22:29 - 00688128 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2008-09-22 07:58 - 2004-05-28 03:13 - 00057344 _____ () C:\Program Files\ATK Hotkey\CMSSC.dll
2008-09-22 07:58 - 2007-01-18 04:26 - 07708672 _____ () C:\Program Files\ATKOSD2\ATKOSD2.exe
2008-09-22 08:04 - 2007-07-06 01:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2008-07-19 04:52 - 2008-07-19 04:52 - 00649704 _____ () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2008-06-09 18:55 - 2008-06-09 18:55 - 00013096 _____ () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2008-09-22 08:26 - 2008-09-22 08:26 - 00033136 _____ () C:\Windows\ASScrPro.exe
2008-03-09 16:01 - 2008-03-09 16:01 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-12-25 01:04 - 2008-12-25 01:04 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2008-09-22 08:20 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2008-09-22 07:58 - 2006-12-19 02:26 - 02420736 _____ () C:\Program Files\ATK Hotkey\ATKOSD.exe
2008-09-22 08:23 - 2007-08-03 21:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
2008-09-22 08:23 - 2007-09-14 19:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
2008-09-22 08:23 - 2003-11-28 11:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
2008-09-22 08:23 - 2005-08-30 00:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
2008-09-22 08:23 - 2003-09-10 01:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
2008-09-22 08:23 - 2006-04-04 19:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
2008-09-22 08:23 - 2005-04-08 04:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
2008-09-22 07:58 - 2007-04-17 22:39 - 00077824 _____ () C:\Program Files\ATK Hotkey\KBFiltr.exe
2007-03-07 02:03 - 2007-03-07 02:03 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-06-22 11:40 - 2014-08-01 16:12 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/09/2014 09:54:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/09/2014 09:53:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2014 04:49:39 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (08/07/2014 08:51:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/07/2014 08:51:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/07/2014 07:12:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/07/2014 07:12:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 07:00:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KATHA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\953O26IS.DEFAULT\CACHE\9> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/07/2014 07:00:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KATHA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\953O26IS.DEFAULT\CACHE\9> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (08/07/2014 07:00:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\KATHA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\953O26IS.DEFAULT\CACHE\8> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (08/09/2014 09:54:59 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/09/2014 09:52:05 AM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/07/2014 07:15:29 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/07/2014 07:10:34 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/07/2014 07:00:25 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/07/2014 06:56:35 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/06/2014 09:01:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Windows Update

Error: (08/06/2014 08:58:47 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/06/2014 08:55:15 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/06/2014 08:52:30 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032


Microsoft Office Sessions:
=========================
Error: (08/09/2014 09:54:03 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/09/2014 09:53:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/08/2014 04:49:39 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (08/07/2014 08:51:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/07/2014 08:51:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/07/2014 07:12:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (08/07/2014 07:12:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/07/2014 07:00:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KATHA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\953O26IS.DEFAULT\CACHE\9

Error: (08/07/2014 07:00:26 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KATHA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\953O26IS.DEFAULT\CACHE\9

Error: (08/07/2014 07:00:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\KATHA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\953O26IS.DEFAULT\CACHE\8


CodeIntegrity Errors:
===================================
  Date: 2014-08-09 11:09:07.125
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:06.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:06.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:06.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:06.453
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:06.297
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:06.140
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-09 11:09:05.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3070.35 MB
Available physical RAM: 1805.25 MB
Total Pagefile: 6346.98 MB
Available Pagefile: 4918.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.64 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:139.28 GB) (Free:117.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=10 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139 GB) - (Type=OF Extended)

==================== End Of Log ============================

-Gmer logg

Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-09 12:13:02
Windows 6.0.6001 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2 ST9320320AS rev.0303 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Katha\AppData\Local\Temp\kwtoqpow.sys


---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                                           AsDsm.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                          Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                          Wdf01000.sys

Device          \FileSystem\fastfat \Fat                                                                         8E7E3A7A

AttachedDevice  \FileSystem\fastfat \Fat                                                                         fltmgr.sys
AttachedDevice  \FileSystem\fastfat \Fat                                                                         AsDsm.sys

---- Processes - GMER 2.1 ----

Process          (*** hidden *** )                                                                               [4] 84943910             

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00025b010e55                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00025b010e55@0012ee30243f         0x14 0xED 0x58 0x5B ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00025b010e55@0022fcec00c5         0xEC 0x80 0x48 0xA3 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00025b010e55@14360532496a         0x5A 0xED 0xA7 0x37 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00025b010e55 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00025b010e55@0012ee30243f             0x14 0xED 0x58 0x5B ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00025b010e55@0022fcec00c5             0xEC 0x80 0x48 0xA3 ...
Reg             HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00025b010e55@14360532496a             0x5A 0xED 0xA7 0x37 ...

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----

 

Themen zu Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich.
antivirus, bluescreen, converter, desktop, device driver, flash player, homepage, installation, internet, java/exploit.agent.pcn, pop-up-blocker, realtek, registry, security, software, svchost.exe, win32/adware.yontoo.b, win32/dealply.b, win32/dealply.c, win32/dealply.d, win32/dealply.e, win32/dealply.j, win32/toolbar.conduit, win32/toolbar.conduit.b, windows


« G-Datea hat auf meinem Medion Akoya einen Virus entdeckt und nun soll ich das System mit der G Data Boot CD überprüfen | Admin Problem msconfig »


Ähnliche Themen: Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich.


  1. Samsung Laptop hängt ständig - kann nicht mehr mit arbeiten
    Plagegeister aller Art und deren Bekämpfung - 19.05.2016 (95)
  2. neuer laptop läuft gar nix mehr! kein internet, keine anwendungen
    Plagegeister aller Art und deren Bekämpfung - 26.12.2015 (19)
  3. Lollipop Virus auf Laptop , Laptop wird immer Langsamer! Deinstellieren fehlerhaft
    Log-Analyse und Auswertung - 03.02.2014 (3)
  4. Laptop reagiert immer langsamer
    Log-Analyse und Auswertung - 15.01.2014 (23)
  5. Laptop immer langsamer, Kaspersky lässt sich nicht mehr updaten und eset findet viele bedrohliche Dateien. Wie werde ich Sie richtig los?
    Log-Analyse und Auswertung - 05.01.2014 (6)
  6. weißer bildschirm, keine taskleiste, kein taskmanager mehr - kein Klicken möglich
    Plagegeister aller Art und deren Bekämpfung - 29.08.2012 (1)
  7. Keine Anmeldung bei Windows mehr möglich. Passwort feld fehlt. Kein Internet mehr. Kein Admin mehr.
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (5)
  8. Laptop wird immer langsamer, es treten immer neue Probleme auf
    Plagegeister aller Art und deren Bekämpfung - 05.05.2011 (17)
  9. Ewiges Problem: Immer mehr Anwendungen starten nicht mehr korrekt!
    Plagegeister aller Art und deren Bekämpfung - 07.11.2010 (11)
  10. Laptop auf einmal langsamer - Spiele nicht mehr möglich
    Log-Analyse und Auswertung - 23.08.2010 (0)
  11. Winlogon 100%, kein Arbeiten möglich
    Log-Analyse und Auswertung - 22.03.2009 (2)
  12. Kein Antiviren-Programm und auch kein abgesicherter Modus mehr möglich
    Log-Analyse und Auswertung - 12.02.2007 (1)
  13. PC<--ruckelt<--sehr langsam<--Arbeiten kaum mehr möglich. Bitte um Hilfe
    Alles rund um Windows - 17.10.2006 (4)
  14. Internet wird immer langsamer, Downloads nicht mehr möglich!
    Log-Analyse und Auswertung - 20.07.2006 (2)
  15. Lästige PopUps - Arbeiten im Inet nicht mehr möglich
    Log-Analyse und Auswertung - 09.05.2006 (4)
  16. Mit FITZ-FAX aus WINDOWS-Anwendungen faxen nicht mehr möglich
    Alles rund um Windows - 09.01.2006 (14)
  17. LapTop spinnt? anwendungen gehen zT nich mehr
    Log-Analyse und Auswertung - 30.10.2005 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich. - Hallo liebes Trojaner-Board Team, seit einiger Zeit jammert die Freundin, dass ihr Laptop von Tag zu Tag langsamer wird, neulich hat sie ihn gestartet und wollte ihre Mails im Internet - Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich....
Archiv
Du betrachtest: Laptop immer Langsamer, kein arbeiten mit simplen Anwendungen mehr möglich. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131