Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: CPU ist ständig bei 100 Prozent auslastung

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.09.2014, 06:19   #1
SpezR
 
CPU ist ständig bei 100 Prozent auslastung - Standard

CPU ist ständig bei 100 Prozent auslastung



Hallo Zusammen,

Jedes Mal wenn ich mein Notebook (Asus Pro66ic) hochfahre, ist mein CPU bei 100 Prozent ausgelastet. Neu aufsetzen von Windows, hat leider auch nicht gebracht. Kaspersky und Malwarebytes Anti-Malware, finden nichts was das System gefährden könnte. Im Task Manger, finde ich keine Prozesse die den CPU Völlig auslasten könnten. Wäre echt super wenn mir jemand weiter helfen könnte.


Asus Pro66ic
CPU: Intel Core Dou CPU T500@ 2.20GHz
Arbeitsspeicher: 4 GB
Windows : Win 7 Home Premium 64Bit
Grafikkarte: Nividia Geforce GT220M

Alt 19.09.2014, 06:34   #2
schrauber
/// the machine
/// TB-Ausbilder
 

CPU ist ständig bei 100 Prozent auslastung - Standard

CPU ist ständig bei 100 Prozent auslastung



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________

__________________

Alt 19.09.2014, 07:41   #3
SpezR
 
CPU ist ständig bei 100 Prozent auslastung - Standard

CPU ist ständig bei 100 Prozent auslastung



Hi Schrauber,

Zuerst danke das du mir Hilfst.
Komisch jetzt läuft der CPU bei 10-20 Prozent im ruhigem zustand.
Hier das Ergebniss, im Anhang zwei Bilder.

Gruß
SpezR



FRST.txt



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by R (administrator) on R-PC on 19-09-2014 08:14:58
Running from C:\Users\R\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Dropbox, Inc.) C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-12] (AlcorMicro Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Users\R\AppData\Roaming\Microsoft\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()
ShellIconOverlayIdentifiers: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: KAVOverlayIcon -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF092A4F871D3CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.2

FireFox:
========
FF ProfilePath: C:\Users\R\AppData\Roaming\Mozilla\Firefox\Profiles\1xqr9pga.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-09-18]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-09-18]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R3 spmgr; C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R2 ghaio; C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-09-19] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-09-19] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-09-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-09-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 08:14 - 2014-09-19 08:15 - 00013910 _____ () C:\Users\R\Downloads\FRST.txt
2014-09-19 08:14 - 2014-09-19 08:15 - 00000000 ____D () C:\FRST
2014-09-19 08:14 - 2014-09-19 08:14 - 02105856 _____ (Farbar) C:\Users\R\Downloads\FRST64.exe
2014-09-18 23:54 - 2014-09-19 00:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-18 23:54 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-18 22:49 - 2014-09-19 06:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 22:49 - 2014-09-18 22:49 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 22:49 - 2014-09-18 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-18 22:48 - 2014-09-18 22:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-18 22:48 - 2014-09-18 22:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 22:48 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-18 22:48 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-18 22:48 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-18 22:47 - 2014-09-18 22:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\R\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-18 22:41 - 2014-09-18 22:41 - 00002216 _____ () C:\Users\R\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-18 22:41 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-18 22:41 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-18 22:34 - 2014-09-18 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
2014-09-18 22:34 - 2014-09-18 22:32 - 00001078 _____ () C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2014-09-18 22:32 - 2013-11-11 19:13 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2014-09-18 22:31 - 2011-06-02 14:39 - 00066616 _____ (Infowatch) C:\Windows\system32\Drivers\CSVirtualDiskDrv.sys
2014-09-18 22:30 - 2011-06-02 14:39 - 00084536 _____ (Infowatch) C:\Windows\system32\Drivers\CSCrySec.sys
2014-09-18 22:28 - 2014-09-18 22:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-18 22:28 - 2014-09-18 22:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-18 22:25 - 2014-09-19 07:01 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-18 22:25 - 2014-09-19 07:01 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-18 22:22 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-18 22:22 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-18 22:22 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-18 22:22 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-18 22:21 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-18 22:21 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-18 22:08 - 2014-09-18 22:09 - 194045080 _____ (Kaspersky Lab) C:\Users\R\Downloads\pure13.0.2.558abcdDE_5372.exe
2014-09-18 22:05 - 2014-09-19 08:14 - 00000000 ___RD () C:\Users\R\Dropbox
2014-09-18 22:05 - 2014-09-18 22:05 - 00000997 _____ () C:\Users\R\Desktop\Dropbox.lnk
2014-09-18 22:03 - 2014-09-18 22:03 - 00000000 ____D () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 22:02 - 2014-09-19 08:14 - 00000000 ____D () C:\Users\R\AppData\Roaming\Dropbox
2014-09-18 22:01 - 2014-09-18 22:01 - 00323672 _____ (Dropbox, Inc.) C:\Users\R\Downloads\DropboxInstaller.exe
2014-09-18 22:00 - 2014-09-18 22:00 - 00007625 _____ () C:\Users\R\AppData\Local\Resmon.ResmonCfg
2014-09-18 21:59 - 2014-09-18 21:59 - 00344662 _____ () C:\Users\R\Downloads\Cer_BSMI_K61IC_X66IC_PRO66IC.zip
2014-09-18 21:58 - 2014-09-18 21:58 - 00165346 _____ () C:\Users\R\Downloads\KBFilter_WIN7_64_1003.zip
2014-09-18 21:57 - 2014-09-19 08:10 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-18 21:57 - 2014-09-18 21:57 - 00674821 _____ () C:\Users\R\Downloads\K70ICAS211.zip
2014-09-18 21:53 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-09-18 21:53 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2014-09-18 21:53 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2014-09-18 21:53 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-09-18 21:39 - 2014-09-18 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-09-18 21:39 - 2014-09-18 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-18 21:38 - 2014-09-18 21:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-09-18 21:37 - 2014-09-18 21:37 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-18 21:37 - 2014-09-18 21:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-09-18 21:37 - 2014-09-18 21:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-09-18 21:36 - 2014-09-18 21:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-18 21:36 - 2014-09-18 21:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-18 21:35 - 2014-09-18 21:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-18 21:35 - 2014-09-18 21:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 __RHD () C:\MSOCache
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 ____D () C:\Users\R\AppData\Local\Microsoft Help
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-09-18 21:34 - 2014-09-18 21:34 - 175401568 _____ () C:\Users\R\Downloads\kav15.0.0.463de_6505.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-18 21:32 - 2014-09-18 21:32 - 00000000 ____D () C:\ProgramData\Sun
2014-09-18 21:32 - 2014-09-18 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-18 21:32 - 2014-09-18 21:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-18 21:28 - 2014-09-18 21:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-18 21:28 - 2014-09-18 21:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-18 21:20 - 2014-09-18 21:28 - 00000000 ____D () C:\Users\R\AppData\Roaming\Adobe
2014-09-18 21:20 - 2014-09-18 21:20 - 00000000 ____D () C:\Users\R\AppData\Roaming\Macromedia
2014-09-18 21:20 - 2014-09-18 21:20 - 00000000 ____D () C:\Users\R\AppData\Local\Macromedia
2014-09-18 21:19 - 2014-09-19 06:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 21:19 - 2014-09-18 21:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-18 21:19 - 2014-09-18 21:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-18 21:19 - 2014-09-18 21:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-18 21:19 - 2014-09-18 21:19 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-18 21:19 - 2014-09-18 21:19 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-18 21:15 - 2014-09-18 21:33 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 21:14 - 2014-09-18 21:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-18 21:14 - 2014-09-18 21:28 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-18 21:09 - 2014-09-18 21:28 - 00000000 ____D () C:\Users\R\AppData\Local\Adobe
2014-09-18 21:04 - 2014-09-18 21:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-18 21:04 - 2014-09-18 21:04 - 00000830 _____ () C:\Users\R\Desktop\Downloads.lnk
2014-09-18 21:02 - 2014-09-18 21:02 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_K61IC.alu
2014-09-18 21:00 - 2014-09-18 21:00 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____D () C:\Users\R\AppData\Roaming\Thunderbird
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____D () C:\Users\R\AppData\Local\Thunderbird
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-18 20:57 - 2014-09-18 21:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 20:57 - 2014-09-18 20:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mozilla
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\Users\R\AppData\Local\Mozilla
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 20:51 - 2014-09-18 20:51 - 00003114 _____ () C:\Windows\System32\Tasks\P4GIntlCtrl
2014-09-18 20:44 - 2014-09-18 20:44 - 00000000 ____D () C:\Users\R\AppData\Local\ASUS
2014-09-18 20:42 - 2014-09-18 19:46 - 00000000 ____D () C:\Windows\Panther
2014-09-18 20:39 - 2014-09-18 20:39 - 00003142 _____ () C:\Windows\System32\Tasks\{8B255FC5-3032-4B46-8610-E4B57995AA5B}
2014-09-18 20:37 - 2014-09-19 06:08 - 00002876 _____ () C:\Windows\System32\Tasks\Net4Switch
2014-09-18 20:37 - 2014-09-18 20:37 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-18 20:36 - 2014-09-19 08:11 - 00003006 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-09-18 20:35 - 2014-09-18 20:35 - 00003158 _____ () C:\Windows\System32\Tasks\{F0471D47-A86A-4093-8750-5D58075AA1DD}
2014-09-18 20:33 - 2014-09-19 08:10 - 00000080 _____ () C:\Windows\system32\Defrag.ini
2014-09-18 20:33 - 2014-09-19 06:23 - 00001364 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-09-18 20:33 - 2014-09-19 06:08 - 00001143 _____ () C:\Windows\system32\ServiceFilter.ini
2014-09-18 20:33 - 2014-09-18 20:33 - 00000000 ____D () C:\Program Files\ASUS
2014-09-18 20:33 - 2009-09-03 17:59 - 00359040 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
2014-09-18 20:33 - 2009-09-03 17:59 - 00274560 _____ () C:\Windows\system32\GetBootTime.dll
2014-09-18 20:33 - 2009-06-12 17:55 - 00000105 _____ () C:\Windows\system32\FastBoot.ini
2014-09-18 20:33 - 2009-06-05 13:35 - 00000052 _____ () C:\Windows\system32\RemoveFont.ini
2014-09-18 20:33 - 2009-06-05 13:35 - 00000015 _____ () C:\Windows\system32\BootTime.ini
2014-09-18 20:32 - 2014-09-19 06:23 - 00000000 ___HD () C:\ASUS.DAT
2014-09-18 20:32 - 2014-09-18 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-09-18 20:32 - 2014-09-18 20:32 - 00000000 ____D () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-09-18 20:31 - 2014-09-18 20:31 - 00003132 _____ () C:\Windows\System32\Tasks\{FE1E89D5-36E2-4425-AADF-62C514CD18E0}
2014-09-18 20:27 - 2014-09-18 20:27 - 00000000 ____D () C:\Program Files\DIFX
2014-09-18 20:26 - 2014-09-18 20:27 - 00011218 _____ () C:\Windows\DPINST.LOG
2014-09-18 20:24 - 2014-09-18 22:42 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-18 20:17 - 2014-09-18 22:19 - 00010698 _____ () C:\Windows\PFRO.log
2014-09-18 20:17 - 2014-09-18 20:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-18 20:16 - 2014-09-18 20:16 - 00000000 ____D () C:\ProgramData\AmUStor
2014-09-18 20:16 - 2014-09-18 20:16 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-09-18 20:15 - 2014-09-18 20:15 - 00000000 ____D () C:\Program Files\Elantech
2014-09-18 20:14 - 2009-05-22 22:52 - 00215040 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-18 20:14 - 2009-03-05 14:54 - 00067584 _____ () C:\Windows\system32\RtNicProp64.dll
2014-09-18 20:12 - 2009-08-24 23:32 - 00541216 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2014-09-18 20:10 - 2014-09-18 22:19 - 00108840 _____ () C:\Users\R\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Users\R\AppData\Local\SRS Labs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Program Files\SRS Labs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Program Files\Realtek
2014-09-18 20:09 - 2014-09-18 20:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-18 20:09 - 2014-09-18 20:14 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-18 20:09 - 2014-09-18 20:10 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-18 20:09 - 2009-09-11 21:45 - 02001056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-18 20:09 - 2009-09-11 20:57 - 01667104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-09-18 20:09 - 2009-09-11 20:57 - 01445408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-18 20:09 - 2009-09-11 20:57 - 00611872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-18 20:09 - 2009-09-11 20:57 - 00436768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-18 20:09 - 2009-09-11 20:57 - 00332320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-18 20:09 - 2009-09-11 20:57 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-18 20:09 - 2009-09-11 20:56 - 01178656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-18 20:09 - 2009-09-11 20:56 - 00064032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2014-09-18 20:09 - 2009-08-31 19:49 - 00294912 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-18 20:09 - 2009-08-18 17:16 - 00831488 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-09-18 20:09 - 2009-07-02 19:28 - 00363008 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-18 20:09 - 2009-07-02 19:28 - 00198656 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-18 20:09 - 2009-07-02 19:28 - 00095744 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-18 20:09 - 2009-07-02 19:28 - 00073216 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-18 20:09 - 2009-04-16 10:13 - 00166400 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-18 20:09 - 2009-04-02 16:43 - 00000520 _____ () C:\Windows\system32\Drivers\SamSfPa.dat
2014-09-18 20:09 - 2009-03-31 14:02 - 00108032 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-18 20:09 - 2009-03-09 05:32 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-18 20:09 - 2009-03-09 05:30 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-18 20:04 - 2014-08-25 06:53 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-18 19:52 - 2014-09-18 19:52 - 00000000 ____D () C:\Users\R\AppData\Local\DriverTuner
2014-09-18 19:47 - 2014-09-19 08:13 - 00335047 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 19:46 - 2014-09-18 22:05 - 00000000 ____D () C:\Users\R
2014-09-18 19:46 - 2014-09-18 20:47 - 00000000 ____D () C:\Users\R\AppData\Local\VirtualStore
2014-09-18 19:46 - 2014-09-18 19:46 - 00001439 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-18 19:46 - 2014-09-18 19:46 - 00001405 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-18 19:46 - 2014-09-18 19:46 - 00000020 ___SH () C:\Users\R\ntuser.ini
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Vorlagen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Startmenü
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Netzwerkumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Lokale Einstellungen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Eigene Dateien
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Druckumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\AppData\Local\Verlauf
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\AppData\Local\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 __SHD () C:\Recovery
2014-09-18 19:46 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-18 19:46 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-18 19:44 - 2014-09-18 19:44 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-18 19:44 - 2014-09-18 19:44 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-18 19:44 - 2014-09-18 19:44 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-09-18 19:43 - 2014-09-18 19:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 08:15 - 2014-09-19 08:14 - 00013910 _____ () C:\Users\R\Downloads\FRST.txt
2014-09-19 08:15 - 2014-09-19 08:14 - 00000000 ____D () C:\FRST
2014-09-19 08:14 - 2014-09-19 08:14 - 02105856 _____ (Farbar) C:\Users\R\Downloads\FRST64.exe
2014-09-19 08:14 - 2014-09-18 22:05 - 00000000 ___RD () C:\Users\R\Dropbox
2014-09-19 08:14 - 2014-09-18 22:02 - 00000000 ____D () C:\Users\R\AppData\Roaming\Dropbox
2014-09-19 08:13 - 2014-09-18 19:47 - 00335047 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 08:11 - 2014-09-18 20:36 - 00003006 _____ () C:\Windows\System32\Tasks\ASUS Live Update
2014-09-19 08:10 - 2014-09-18 21:57 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-19 08:10 - 2014-09-18 20:33 - 00000080 _____ () C:\Windows\system32\Defrag.ini
2014-09-19 08:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 08:10 - 2009-07-14 06:51 - 00017533 _____ () C:\Windows\setupact.log
2014-09-19 07:40 - 2009-07-14 06:45 - 00015664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 07:40 - 2009-07-14 06:45 - 00015664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 07:01 - 2014-09-18 22:25 - 00628288 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-19 07:01 - 2014-09-18 22:25 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-19 07:01 - 2013-11-11 19:13 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-09-19 07:01 - 2012-08-02 15:09 - 00029792 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2014-09-19 06:49 - 2014-09-18 21:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 06:25 - 2014-09-18 22:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 06:23 - 2014-09-18 20:33 - 00001364 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-09-19 06:23 - 2014-09-18 20:32 - 00000000 ___HD () C:\ASUS.DAT
2014-09-19 06:13 - 2009-07-14 19:58 - 00654166 _____ () C:\Windows\system32\perfh007.dat
2014-09-19 06:13 - 2009-07-14 19:58 - 00130006 _____ () C:\Windows\system32\perfc007.dat
2014-09-19 06:13 - 2009-07-14 07:13 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-19 06:08 - 2014-09-18 20:37 - 00002876 _____ () C:\Windows\System32\Tasks\Net4Switch
2014-09-19 06:08 - 2014-09-18 20:33 - 00001143 _____ () C:\Windows\system32\ServiceFilter.ini
2014-09-19 01:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-19 00:12 - 2014-09-18 23:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-18 22:49 - 2014-09-18 22:49 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 22:49 - 2014-09-18 22:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-18 22:49 - 2014-09-18 22:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-18 22:48 - 2014-09-18 22:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 22:47 - 2014-09-18 22:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\R\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-18 22:42 - 2014-09-18 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-09-18 22:42 - 2014-09-18 20:24 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-09-18 22:41 - 2014-09-18 22:41 - 00002216 _____ () C:\Users\R\Desktop\Sicherer Zahlungsverkehr.lnk
2014-09-18 22:34 - 2014-09-18 22:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky PURE 3.0
2014-09-18 22:32 - 2014-09-18 22:34 - 00001078 _____ () C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2014-09-18 22:28 - 2014-09-18 22:28 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-09-18 22:28 - 2014-09-18 22:28 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-09-18 22:19 - 2014-09-18 20:17 - 00010698 _____ () C:\Windows\PFRO.log
2014-09-18 22:19 - 2014-09-18 20:10 - 00108840 _____ () C:\Users\R\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-18 22:19 - 2009-07-14 06:45 - 00414968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-18 22:09 - 2014-09-18 22:08 - 194045080 _____ (Kaspersky Lab) C:\Users\R\Downloads\pure13.0.2.558abcdDE_5372.exe
2014-09-18 22:05 - 2014-09-18 22:05 - 00000997 _____ () C:\Users\R\Desktop\Dropbox.lnk
2014-09-18 22:05 - 2014-09-18 19:46 - 00000000 ____D () C:\Users\R
2014-09-18 22:03 - 2014-09-18 22:03 - 00000000 ____D () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-18 22:01 - 2014-09-18 22:01 - 00323672 _____ (Dropbox, Inc.) C:\Users\R\Downloads\DropboxInstaller.exe
2014-09-18 22:00 - 2014-09-18 22:00 - 00007625 _____ () C:\Users\R\AppData\Local\Resmon.ResmonCfg
2014-09-18 21:59 - 2014-09-18 21:59 - 00344662 _____ () C:\Users\R\Downloads\Cer_BSMI_K61IC_X66IC_PRO66IC.zip
2014-09-18 21:58 - 2014-09-18 21:58 - 00165346 _____ () C:\Users\R\Downloads\KBFilter_WIN7_64_1003.zip
2014-09-18 21:57 - 2014-09-18 21:57 - 00674821 _____ () C:\Users\R\Downloads\K70ICAS211.zip
2014-09-18 21:45 - 2014-09-18 21:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-18 21:45 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-09-18 21:39 - 2014-09-18 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-09-18 21:39 - 2014-09-18 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-18 21:38 - 2014-09-18 21:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-09-18 21:38 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-09-18 21:38 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-18 21:37 - 2014-09-18 21:37 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-18 21:37 - 2014-09-18 21:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-09-18 21:37 - 2014-09-18 21:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-09-18 21:37 - 2014-09-18 21:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-18 21:36 - 2014-09-18 21:36 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-18 21:36 - 2014-09-18 21:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-18 21:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 __RHD () C:\MSOCache
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 ____D () C:\Users\R\AppData\Local\Microsoft Help
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-18 21:35 - 2014-09-18 21:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-09-18 21:34 - 2014-09-18 21:34 - 175401568 _____ () C:\Users\R\Downloads\kav15.0.0.463de_6505.exe
2014-09-18 21:33 - 2014-09-18 21:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 21:32 - 2014-09-18 21:32 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-18 21:32 - 2014-09-18 21:32 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-18 21:32 - 2014-09-18 21:32 - 00000000 ____D () C:\ProgramData\Sun
2014-09-18 21:32 - 2014-09-18 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-18 21:32 - 2014-09-18 21:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-18 21:32 - 2014-09-18 21:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-18 21:29 - 2014-09-18 21:14 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-18 21:29 - 2014-09-18 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-18 21:28 - 2014-09-18 21:28 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-18 21:28 - 2014-09-18 21:28 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-18 21:28 - 2014-09-18 21:20 - 00000000 ____D () C:\Users\R\AppData\Roaming\Adobe
2014-09-18 21:28 - 2014-09-18 21:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-18 21:28 - 2014-09-18 21:09 - 00000000 ____D () C:\Users\R\AppData\Local\Adobe
2014-09-18 21:20 - 2014-09-18 21:20 - 00000000 ____D () C:\Users\R\AppData\Roaming\Macromedia
2014-09-18 21:20 - 2014-09-18 21:20 - 00000000 ____D () C:\Users\R\AppData\Local\Macromedia
2014-09-18 21:19 - 2014-09-18 21:19 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-18 21:19 - 2014-09-18 21:19 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-18 21:19 - 2014-09-18 21:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-18 21:19 - 2014-09-18 21:19 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-18 21:19 - 2014-09-18 21:19 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-18 21:04 - 2014-09-18 21:04 - 00000830 _____ () C:\Users\R\Desktop\Downloads.lnk
2014-09-18 21:02 - 2014-09-18 21:02 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_K61IC.alu
2014-09-18 21:00 - 2014-09-18 21:00 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____D () C:\Users\R\AppData\Roaming\Thunderbird
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____D () C:\Users\R\AppData\Local\Thunderbird
2014-09-18 21:00 - 2014-09-18 21:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-09-18 20:57 - 2014-09-18 20:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\Users\R\AppData\Roaming\Mozilla
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\Users\R\AppData\Local\Mozilla
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-18 20:57 - 2014-09-18 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-18 20:51 - 2014-09-18 20:51 - 00003114 _____ () C:\Windows\System32\Tasks\P4GIntlCtrl
2014-09-18 20:47 - 2014-09-18 19:46 - 00000000 ____D () C:\Users\R\AppData\Local\VirtualStore
2014-09-18 20:44 - 2014-09-18 20:44 - 00000000 ____D () C:\Users\R\AppData\Local\ASUS
2014-09-18 20:43 - 2014-09-18 20:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-18 20:41 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-18 20:41 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-18 20:39 - 2014-09-18 20:39 - 00003142 _____ () C:\Windows\System32\Tasks\{8B255FC5-3032-4B46-8610-E4B57995AA5B}
2014-09-18 20:37 - 2014-09-18 20:37 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-18 20:37 - 2014-09-18 20:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-18 20:35 - 2014-09-18 20:35 - 00003158 _____ () C:\Windows\System32\Tasks\{F0471D47-A86A-4093-8750-5D58075AA1DD}
2014-09-18 20:33 - 2014-09-18 20:33 - 00000000 ____D () C:\Program Files\ASUS
2014-09-18 20:32 - 2014-09-18 20:32 - 00000000 ____D () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-09-18 20:31 - 2014-09-18 20:31 - 00003132 _____ () C:\Windows\System32\Tasks\{FE1E89D5-36E2-4425-AADF-62C514CD18E0}
2014-09-18 20:27 - 2014-09-18 20:27 - 00000000 ____D () C:\Program Files\DIFX
2014-09-18 20:27 - 2014-09-18 20:26 - 00011218 _____ () C:\Windows\DPINST.LOG
2014-09-18 20:16 - 2014-09-18 20:16 - 00000000 ____D () C:\ProgramData\AmUStor
2014-09-18 20:16 - 2014-09-18 20:16 - 00000000 ____D () C:\Program Files (x86)\AmIcoSingLun
2014-09-18 20:15 - 2014-09-18 20:15 - 00000000 ____D () C:\Program Files\Elantech
2014-09-18 20:14 - 2014-09-18 20:09 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-18 20:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-09-18 20:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Users\R\AppData\Local\SRS Labs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Program Files\SRS Labs
2014-09-18 20:10 - 2014-09-18 20:10 - 00000000 ____D () C:\Program Files\Realtek
2014-09-18 20:10 - 2014-09-18 20:09 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-18 20:04 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-09-18 19:52 - 2014-09-18 19:52 - 00000000 ____D () C:\Users\R\AppData\Local\DriverTuner
2014-09-18 19:46 - 2014-09-18 20:42 - 00000000 ____D () C:\Windows\Panther
2014-09-18 19:46 - 2014-09-18 19:46 - 00001439 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-18 19:46 - 2014-09-18 19:46 - 00001405 _____ () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-18 19:46 - 2014-09-18 19:46 - 00000020 ___SH () C:\Users\R\ntuser.ini
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Vorlagen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Startmenü
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Netzwerkumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Lokale Einstellungen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Eigene Dateien
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Druckumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\AppData\Local\Verlauf
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\AppData\Local\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\R\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-09-18 19:46 - 2014-09-18 19:46 - 00000000 __SHD () C:\Recovery
2014-09-18 19:46 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-18 19:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-09-18 19:44 - 2014-09-18 19:44 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-18 19:44 - 2014-09-18 19:44 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-18 19:44 - 2014-09-18 19:44 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-09-18 19:44 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-18 19:44 - 2009-07-14 06:46 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-09-18 19:44 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-18 19:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-18 19:43 - 2014-09-18 19:43 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-08-29 13:01 - 2014-09-18 23:54 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-25 06:53 - 2014-09-18 20:04 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\R\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfwx4eh.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-19 01:18

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---



Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by R at 2014-09-19 08:16:43
Running from C:\Users\R\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Enabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 15.0.0.249 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{331C520E-D8C3-4AB9-ADF7-A666A3561922}) (Version: 1.3.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.25001 - Alcor Micro Corp.) Hidden
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.2 - ASUS)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.1.1 - Mozilla)
Mozilla Thunderbird 31.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.1.1 (x86 de)) (Version: 31.1.1 - Mozilla)
NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1200 - Ihr Firmenname)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2413220524-1917023513-774832734-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\R\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

18-09-2014 18:32:16 Installed ControlDeck
18-09-2014 18:32:46 Installed ASUS FancyStart
18-09-2014 18:33:09 Installed Fast Boot
18-09-2014 18:34:42 Installiert Realtek 8136 8168 8169 Ethernet Driver
18-09-2014 18:35:22 Installiert Realtek 8136 8168 8169 Ethernet Driver
18-09-2014 18:36:01 Installed ASUS LifeFrame3
18-09-2014 18:36:32 Installed ASUS Live Update
18-09-2014 18:37:00 Installed NB Probe
18-09-2014 18:37:25 Installed Net4Switch
18-09-2014 18:37:54 Installed ASUS Power4Gear Hybrid
18-09-2014 18:38:47 Installed ASUS SmartLogon
18-09-2014 18:39:22 Installed ASUS Splendid Video Enhancement Technology
18-09-2014 18:39:47 Installed ASUS Splendid Video Enhancement Technology
18-09-2014 18:40:33 Installed ASUS Splendid Video Enhancement Technology
18-09-2014 18:41:02 ASUS Virtual Camera wird installiert
18-09-2014 18:41:28 Installed Wireless Console 3
18-09-2014 18:43:51 Installed ASUS Data Security Manager
18-09-2014 18:45:35 Removed Net4Switch
18-09-2014 18:46:04 Removed ASUS SmartLogon
18-09-2014 18:48:26 Removed ATK Hotkey
18-09-2014 18:48:54 Removed ATKOSD2
18-09-2014 18:49:20 Removed ASUS LifeFrame3
18-09-2014 18:50:52 Removed ControlDeck
18-09-2014 18:51:11 Removed ASUS Power4Gear Hybrid
18-09-2014 18:51:32 Removed Wireless Console 3
18-09-2014 19:26:27 Installed ATK Hotkey
18-09-2014 19:31:56 Installed Java 7 Update 67
18-09-2014 19:32:38 Installed Microsoft Office Professional Plus 2010
18-09-2014 19:34:52 Installed Microsoft Office Professional Plus 2010
18-09-2014 19:53:26 Windows Update
18-09-2014 20:21:23 Windows Update
18-09-2014 20:40:19 ASUS Virtual Camera wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0E29E017-3AAB-4039-BFBD-4F39390417C7} - System32\Tasks\Net4Switch => C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
Task: {165CDEAF-09DA-4253-BA28-9BCAC50553AE} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {18AC7CDE-77E1-4CC5-8AA9-2946576EFDFC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-18] (Adobe Systems Incorporated)
Task: {3D2130F4-83C4-4767-BC93-2407AB8C106B} - System32\Tasks\P4GIntlCtrl => \IntlCtrl.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-09-18 20:33 - 2009-09-03 17:59 - 00274560 _____ () C:\Windows\system32\GetBootTime.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2008-08-13 20:59 - 2008-08-13 20:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2014-09-18 20:37 - 2007-08-03 12:24 - 00125496 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
2014-09-18 20:36 - 2007-11-30 11:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2014-09-19 08:10 - 2014-09-19 08:10 - 00043008 _____ () c:\users\r\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfwx4eh.dll
2014-09-18 22:03 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\R\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-18 20:37 - 2007-09-14 10:00 - 00147456 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spdiskex.dll
2014-09-18 20:37 - 2003-11-28 02:11 - 00135168 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spos.dll
2014-09-18 20:37 - 2005-08-29 15:24 - 00081920 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spnbacpi.dll
2014-09-18 20:37 - 2003-09-09 16:08 - 00049152 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spdmi.dll
2014-09-18 20:37 - 2006-04-04 10:24 - 00036864 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\ghadmi.dll
2014-09-18 20:37 - 2005-04-07 19:25 - 00077824 _____ () C:\Program Files (x86)\ASUS\NB Probe\SPM\spmemory.dll
2014-09-18 21:00 - 2014-09-08 22:20 - 03339376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-09-18 21:00 - 2014-09-08 22:20 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-09-18 21:00 - 2014-09-08 22:20 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-09-18 20:57 - 2014-09-12 04:42 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-18 21:19 - 2014-09-18 21:19 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

Name: Atheros AR9285-Drahtlosnetzwerkadapter
Description: Atheros AR9285-Drahtlosnetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/18/2014 11:52:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005

Error: (09/18/2014 09:36:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.08"1".
Die abhängige Assemblierung "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.08"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2014 09:28:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm jxpiinstall.exe, Version 7.0.670.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3d0

Startzeit: 01cfd375f5908fc0

Endzeit: 16

Anwendungspfad: C:\Users\R\Downloads\jxpiinstall.exe

Berichts-ID:

Error: (09/18/2014 09:22:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm jxpiinstall.exe, Version 7.0.670.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9bc

Startzeit: 01cfd373662aea30

Endzeit: 12

Anwendungspfad: C:\Users\R\Downloads\jxpiinstall.exe

Berichts-ID:

Error: (09/18/2014 08:48:46 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: R-PC)
Description: Die Anwendung oder der Dienst "ASLDR Service" konnte nicht neu gestartet werden.

Error: (09/18/2014 08:11:19 PM) (Source: MsiInstaller) (EventID: 1013) (User: R-PC)
Description: Product: Alcor Micro USB Card Reader -- This installation cannot be run by directly launching the MSI package. You must run setup.exe.


System errors:
=============
Error: (09/19/2014 06:26:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800705b4 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB976972)

Error: (09/19/2014 06:26:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800705b4 fehlgeschlagen: Windows 7 Service Pack 1 für x64-basierte Systeme (KB976932)

Error: (09/19/2014 06:22:11 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084CSObjectsSrv{D7B356D0-0DA4-11DB-8993-005056C00008}

Error: (09/19/2014 06:18:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 06:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 06:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 06:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 06:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 06:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (09/19/2014 06:18:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (09/18/2014 11:52:13 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005 
mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (09/18/2014 09:36:42 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.08"C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

Error: (09/18/2014 09:28:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: jxpiinstall.exe7.0.670.13d001cfd375f5908fc016C:\Users\R\Downloads\jxpiinstall.exe

Error: (09/18/2014 09:22:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: jxpiinstall.exe7.0.670.19bc01cfd373662aea3012C:\Users\R\Downloads\jxpiinstall.exe

Error: (09/18/2014 08:48:46 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: R-PC)
Description: 0AsLdrSrv.exeASLDR Service03026217810480

Error: (09/18/2014 08:11:19 PM) (Source: MsiInstaller) (EventID: 1013) (User: R-PC)
Description: Product: Alcor Micro USB Card Reader -- This installation cannot be run by directly launching the MSI package. You must run setup.exe.(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-09-19 01:16:17.381
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-19 01:16:17.381
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-19 01:16:17.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-19 01:16:17.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-19 01:16:17.365
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-19 01:16:17.350
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T5900 @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 4095.27 MB
Available physical RAM: 2570.06 MB
Total Pagefile: 8188.7 MB
Available Pagefile: 6266.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:80.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 59860DD7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________
Miniaturansicht angehängter Grafiken
-1.jpg   -2.jpg  

Alt 19.09.2014, 18:49   #4
schrauber
/// the machine
/// TB-Ausbilder
 

CPU ist ständig bei 100 Prozent auslastung - Standard

CPU ist ständig bei 100 Prozent auslastung



Auf dem Bild sehe ich nur dass Kaspersky ne menge zieht. Das mal deinstallieren und neu installieren.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu CPU ist ständig bei 100 Prozent auslastung
anti-malware, asus, aufsetzen, auslastung, cpu, cpu auslastung 100%, cpu bei 100, ebook, geforce, hallo zusammen, home, home premium, intel, kaspersky, kaspersky und malwarebytes, malwarebytes, malwarebytes anti-malware, neu, nichts, nividia, notebook, premium, prozent, prozesse, super, system, win 7, windows, zusammen




Ähnliche Themen: CPU ist ständig bei 100 Prozent auslastung


  1. Windows10 - CPU-Auslastung ständig bei 98%
    Log-Analyse und Auswertung - 16.11.2015 (7)
  2. CPU-Auslastung ständig bei 100% Windows 8.1 x64
    Log-Analyse und Auswertung - 16.07.2015 (11)
  3. CPU Auslastung von 0 auf 100% Prozent
    Log-Analyse und Auswertung - 26.03.2015 (8)
  4. Win7 ständig 70-100% CPU Auslastung
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (20)
  5. 100 Prozent CPU Auslastung; PC spielt plötzlich Sounds und Geräusche ab
    Plagegeister aller Art und deren Bekämpfung - 27.01.2015 (13)
  6. CPU Auslastung fast 100 prozent dank svchost.exe localsystemnetworkrestricted
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (3)
  7. Win 7 ständig hohe CPU-Auslastung 30 - 50 %
    Log-Analyse und Auswertung - 14.08.2014 (3)
  8. CPU-Auslastung ständig bei 100%
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (18)
  9. CPU Auslastung dauerhaft bei 50 Prozent oder mehr
    Log-Analyse und Auswertung - 30.07.2013 (15)
  10. CPU-Auslastung ständig beim 100%
    Log-Analyse und Auswertung - 21.04.2013 (1)
  11. Ständig neue Browserfenster und CPU-Auslastung bei 100%
    Log-Analyse und Auswertung - 11.12.2009 (24)
  12. ständig 100% Auslastung
    Log-Analyse und Auswertung - 23.10.2009 (1)
  13. CPU-Auslastung permanent 100 Prozent / Internet Explorer hängt, bekommt k. Verbindung
    Log-Analyse und Auswertung - 11.05.2009 (0)
  14. Trojaner TR/Agent.VB.AO.1 und ständig 100% CPU-Auslastung
    Log-Analyse und Auswertung - 07.02.2009 (0)
  15. Cpu auslastung 100 prozent!
    Log-Analyse und Auswertung - 04.02.2008 (3)
  16. CPU-Auslastung immer bei 100 Prozent
    Log-Analyse und Auswertung - 26.07.2007 (9)
  17. cpu-Auslastung ständig bei 100%
    Log-Analyse und Auswertung - 19.05.2006 (5)

Zum Thema CPU ist ständig bei 100 Prozent auslastung - Hallo Zusammen, Jedes Mal wenn ich mein Notebook (Asus Pro66ic) hochfahre, ist mein CPU bei 100 Prozent ausgelastet. Neu aufsetzen von Windows, hat leider auch nicht gebracht. Kaspersky und Malwarebytes - CPU ist ständig bei 100 Prozent auslastung...
Archiv
Du betrachtest: CPU ist ständig bei 100 Prozent auslastung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.