Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Computer ist sehr langsam und hängt manchmal

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.11.2014, 18:11   #1
dinok
 
Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



Hallo trojaner-board Team,

seit ein paar Tagen ist mein Computer sehr langsam + wenn ich neuen Tab im Browser drücke kommt
chrome://unitedtb/content/newtab/newtab-page.xhtml. Manchmal hängt er auch komplett. Ich weiss nicht was los ist.
Es kann sein dass ich mal eine Web toolbar installiert habe. Habe diese aber später wieder gelöscht. Ansonsten wüsste ich nicht was das Problem ausgelöst hat.

Heute habe ich den Computer hochgefahren und erst einmal kam ein schwarzer Bildschirm mit scaN 10%11%... bis 100% fertig war und erst dann kam windows. Das hat er sonst auch nie gemacht.

Bitte helft mir.

Angaben zu meinem Computer:

Windows 7 Home Premium
Service Pack1
32 Bit

benutze Emsisoft Anti Maleware. Dieses Programm hat aber weder Maleware noch Viren gefunden.

Ich freue mich auf eure Antworten und Hilfen. Sollte ich noch wissen müssen gebt mir bitte Bescheid. Vielen Dank schon mal im voraus.

LG Sandra



Habe eben von HijackThis gelesen.Soll ich das mal benutzen ? Oder hilft das nicht?

Alt 28.11.2014, 18:36   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 29.11.2014, 15:21   #3
dinok
 
Computer ist sehr langsam und hängt manchmal - Standard

FRST



FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by User (administrator) on USER-PC on 28-11-2014 19:01:55
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
() C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\bin32\nSvcAppFlt.exe
() C:\Program Files\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-04-25] ()
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [EmpoweringTechnology] => C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [319488 2008-04-25] ()
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [4873248 2014-10-14] (Emsisoft GmbH)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1071514771-2767416886-4067714436-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ARS&o=15084&src=crm&q={searchTerms}&locale=de_DE
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WEB.DE Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - No Name - {C424171E-592A-415a-9EB1-DFD6D95D3530} -  No File
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://www.web.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\webde-suche.xml

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-21]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-21]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-14] (Emsisoft GmbH)
R2 Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-01-25] (CyberLink) [File not signed]
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-04-25] () [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [598016 2008-01-29] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 nSvcIp; C:\Program Files\bin32\nSvcIp.exe [163840 2008-01-29] () [File not signed]
R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [File not signed]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-14] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-14] (Emsisoft GmbH)
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-28 19:01 - 2014-11-28 19:02 - 00018683 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-28 17:31 - 2014-11-28 19:01 - 00000000 ____D () C:\FRST
2014-11-28 17:30 - 2014-11-28 17:30 - 01109504 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-11-27 13:07 - 2014-11-28 17:16 - 00031744 _____ () C:\Windows\setupact.log
2014-11-27 13:07 - 2014-11-28 17:16 - 00001802 _____ () C:\Windows\PFRO.log
2014-11-27 13:07 - 2014-11-27 13:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-27 08:55 - 2014-11-27 08:55 - 00000000 ____D () C:\Users\User\AppData\Local\{521FE978-A1FA-4FAD-A2F6-DCC3CB54CB6F}
2014-11-26 16:25 - 2014-11-26 16:25 - 00000000 ____D () C:\Users\User\AppData\Local\{F4BFE378-26DF-4AC0-9279-C0D28F77C817}
2014-11-26 11:42 - 2014-11-28 18:47 - 00142687 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 17:13 - 2014-11-20 17:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieBrowserModeList
2014-11-19 10:01 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 10:01 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-12 16:05 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 16:05 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 16:05 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 16:05 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 16:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 16:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 16:05 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 16:05 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 16:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 16:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 16:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 16:02 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 16:02 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 16:02 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 16:02 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 16:02 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 16:01 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 16:01 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 16:01 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 16:01 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 16:01 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 16:01 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 16:01 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 16:01 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 16:01 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 16:01 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 16:01 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 16:01 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 16:01 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 16:01 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 16:01 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 16:01 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 16:01 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 16:01 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 16:01 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 16:01 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 16:01 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 16:01 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 16:01 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 16:01 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 16:01 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 16:01 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 16:01 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 16:01 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 16:01 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 16:01 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 00:05 - 2014-11-12 00:05 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-11-12 00:05 - 2014-11-12 00:05 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-11-08 12:08 - 2014-11-12 15:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-28 18:56 - 2013-08-09 12:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-28 18:20 - 2011-04-15 16:18 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-11-28 18:01 - 2011-03-09 13:56 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-28 18:01 - 2011-03-09 13:56 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-28 17:22 - 2011-03-09 14:19 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-28 17:16 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-28 17:16 - 2008-05-09 10:54 - 00000147 _____ () C:\Windows\system32\agent.log
2014-11-28 17:16 - 2008-05-09 10:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-26 11:56 - 2013-08-09 12:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 11:56 - 2013-08-09 12:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-25 17:24 - 2011-04-29 21:21 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-18 12:11 - 2009-07-14 05:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-14 09:58 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-14 09:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 20:14 - 2009-07-14 05:33 - 00336496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 20:12 - 2014-05-14 14:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 20:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-12 18:44 - 2008-05-09 10:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 16:07 - 2013-08-14 11:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 16:03 - 2011-03-11 08:17 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:24 - 2013-03-05 11:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-12 15:24 - 2008-05-09 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 8
2014-11-12 15:24 - 2008-05-09 10:53 - 00000000 ____D () C:\Program Files\NewTech Infosystems
2014-11-12 15:24 - 2008-05-09 09:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-11 23:46 - 2014-09-25 09:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-11-08 11:04 - 2011-03-11 09:48 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-11-04 14:30 - 2011-03-09 14:32 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 09:18

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 26-11-2014 01
Ran by User at 2014-11-28 19:02:51
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Arcade Live Main Page (HKLM\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.1.1331 - Acer Inc.)
Acer DV Magician (HKLM\...\{F6EFFB76-4A07-11DA-9D78-000129760D75}) (Version: 1.5.0920 - Acer Inc.)
Acer DVDivine (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.2.1730 - Acer Inc.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3060 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3014 - Acer Incorporated)
Acer HomeMedia (HKLM\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 1.4.1331 - Acer Inc.)
Acer HomeMedia Connect (HKLM\...\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}) (Version: 1.4.4931 - Acer Inc.)
Acer HomeMedia Trial Creator (HKLM\...\{B580C409-E16F-44FF-904D-3AE94E113BE0}) (Version: 1.4.1331 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 4.01.0422 - Acer Incorporated)
Acer SlideShow DVD (HKLM\...\{41581EF5-45A7-11DA-9D78-000129760D75}) (Version: 1.5.1109 - Acer Inc.)
Acer VideoMagician (HKLM\...\{F79A208D-D929-11D9-9D77-000129760D75}) (Version: 1.4.1017 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader 8.3.1 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)
AV Input Selection (HKLM\...\{F429ED71-4A8B-457A-85E4-F6398CE73E58}) (Version: 1.02.0047 - YUAN)
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 0.9.3.9 - )
Canon Utilities CameraWindow (HKLM\...\CameraWindowLauncher) (Version: 7.0.0.8 - )
Canon Utilities CameraWindow DC (HKLM\...\CameraWindowDC) (Version: 7.0.0.15 - )
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.1.15 - )
Canon Utilities MyCamera (HKLM\...\MyCamera) (Version: 6.4.0.5 - )
Canon Utilities MyCamera DC (HKLM\...\MyCameraDC) (Version: 7.0.0.5 - )
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.20.44 - )
Canon Utilities RemoteCapture DC (HKLM\...\RemoteCaptureDC) (Version: 3.0.1.8 - )
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.1.9 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Emsisoft Anti-Malware (HKLM\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.5 - Emsisoft GmbH)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems)
NTI Backup Now Standard (Version: 5.1.2.606 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems)
NTI Media Maker 8 (Version: 8.0.2.6329 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA ForceWare Network Access Manager (HKLM\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.6776 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
Replay Media Catcher 4 (HKLM\...\{C34FB250-DAB9-4353-831C-9452BC2C16F3}) (Version: 4.2.1 - Applian Technologies)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 1.1.9 (HKLM\...\VLC media player) (Version: 1.1.9 - VideoLAN)
WEB.DE Club SmartFax (HKLM\...\WEB.DE Club SmartFax) (Version: 2.00.235 - 1&1 Mail & Media GmbH)
WEB.DE Toolbar MSVC100 CRT x86 (Version: 1.0.0 - 1&1 Mail & Media GmbH) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-11-2014 08:47:41 Windows Update
19-11-2014 09:22:00 Windows Update
25-11-2014 07:53:50 Windows Update
28-11-2014 16:22:08 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {47F6FB86-CED2-41DF-8DB4-3D9E3EEBF313} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5B9BF116-336C-4E2A-802A-262872F02834} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {64262200-38AF-4E1F-BA70-2E97DA27E7ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {6E74CB6E-236B-42F8-94B3-CBAF2A360E96} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {89EAE22B-38B9-4D29-B52A-0F3B2E4710A7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {AF322FF5-5124-4EFA-BAF3-3D9201660BFC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {CD2C2760-1719-4376-B639-E4593B6F32D4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-23 19:16 - 2014-10-06 18:33 - 00775400 _____ () C:\Program Files\Emsisoft Anti-Malware\fw32.dll
2012-11-18 12:44 - 2013-01-18 15:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2008-05-09 10:16 - 2008-04-25 12:31 - 00319488 _____ () C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
2008-04-25 21:36 - 2008-04-25 21:36 - 00028672 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2008-04-28 09:49 - 2008-04-28 09:49 - 00003072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2008-03-04 22:38 - 2008-03-04 22:38 - 00227888 _____ () C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
2008-05-09 10:16 - 2008-04-25 12:31 - 00319488 _____ () C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
2008-05-09 10:16 - 2008-04-25 12:29 - 01822720 _____ () C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll
2008-05-09 10:16 - 2008-04-25 12:30 - 00011264 _____ () C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll
2011-03-09 14:03 - 2011-03-09 14:03 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3008.0__4df5dcab8860d239\Framework.Utility.dll
2011-03-09 14:03 - 2011-03-09 14:03 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3008.0__3036420f80dd6947\Framework.Library.dll
2011-03-09 14:03 - 2011-03-09 14:03 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3008.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-05-09 10:16 - 2008-04-25 12:29 - 00005120 _____ () C:\Program Files\Acer\Empowering Technology\de\Framework.AppBar.resources.dll
2011-03-09 14:03 - 2011-03-09 14:03 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3008.0__672b450de5a7e94a\Framework.Host.dll
2008-05-09 10:26 - 2008-01-25 17:49 - 00098304 _____ () C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLSchRecordMonitor.dll
2008-05-09 10:26 - 2008-01-25 17:49 - 00260096 _____ () C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\sqlite3.dll
2007-06-24 19:09 - 2007-06-24 19:09 - 01024000 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2007-06-24 19:09 - 2007-06-24 19:09 - 00098304 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2007-06-24 19:09 - 2007-06-24 19:09 - 00061440 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2008-04-25 21:36 - 2008-04-25 21:36 - 00131072 _____ () C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
2008-05-09 10:23 - 2006-07-19 19:36 - 00262247 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2008-01-29 11:25 - 2008-01-29 11:25 - 00598016 _____ () C:\Program Files\bin32\nSvcAppFlt.exe
2008-01-29 11:17 - 2008-01-29 11:17 - 00102400 _____ () C:\Program Files\bin32\nv_common.dll
2008-01-29 11:18 - 2008-01-29 11:18 - 00454656 _____ () C:\Program Files\bin32\SpecialCase.dll
2008-01-29 11:24 - 2008-01-29 11:24 - 00163840 _____ () C:\Program Files\bin32\nSvcIp.exe
2014-11-08 12:08 - 2014-11-11 23:47 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-11-26 11:56 - 2014-11-26 11:56 - 16841392 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ETService => 2
MSCONFIG\startupreg: PCMMediaSharing => C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1071514771-2767416886-4067714436-500 - Administrator - Disabled)
Gast (S-1-5-21-1071514771-2767416886-4067714436-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1071514771-2767416886-4067714436-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-1071514771-2767416886-4067714436-1003 - Limited - Enabled) => C:\Users\UpdatusUser
User (S-1-5-21-1071514771-2767416886-4067714436-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/28/2014 05:17:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2014 05:25:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2014 05:20:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2014 01:09:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/27/2014 08:54:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/26/2014 07:30:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/26/2014 03:26:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/26/2014 00:51:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/26/2014 11:41:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/25/2014 05:25:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/28/2014 05:18:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/28/2014 05:18:42 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/27/2014 06:31:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:31:02 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:31:01 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:31:01 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:31:01 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:25:43 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:25:43 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.

Error: (11/27/2014 06:25:43 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "ACER" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Athlon(tm) Dual Core Processor 4450e
Percentage of memory in use: 35%
Total physical RAM: 2814.55 MB
Available physical RAM: 1820.63 MB
Total Pagefile: 5629.1 MB
Available Pagefile: 3467.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.39 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:139.15 GB) (Free:87.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:142.94 GB) (Free:107.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: CA69F905)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=139.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=142.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Wie gehts nun weiter ?

Bitte der Computer wird immer langsamer.
__________________

Alt 30.11.2014, 08:43   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.11.2014, 13:34   #5
dinok
 
Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



Super vielen lieben Dank für deine Nachricht

HTML-Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Scan, 30.11.2014 00:03:21, SYSTEM, USER-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 15 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 2-Malwareerkennung, 

(end)
Code:
ATTFilter
# AdwCleaner v4.102 - Bericht erstellt am 30/11/2014 um 00:20:03
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-27.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_4.102.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1.1 (x86 de)

[8oe4ji58.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[8oe4ji58.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
[8oe4ji58.default\prefs.js] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.ixquick.com");

-\\ Google Chrome v

[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : geggofhlfbcmanadhknllmlajiafopoh

*************************

AdwCleaner[R0].txt - [2568 octets] - [30/11/2014 00:12:50]
AdwCleaner[S0].txt - [2516 octets] - [30/11/2014 00:20:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2576 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x86
Ran by User on 30.11.2014 at  0:25:23,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{000341A6-88FB-4E4D-8126-6B57CDE7E923}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{01B60EEA-8621-4CD5-B978-6051E58FFB72}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{025057E6-21F2-4017-9D04-7B2B827365F0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02F86ED5-8C31-4262-BF29-4396AEE6A868}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{036461DF-3C92-4A51-ACFA-87BAA34E7E22}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{066965A1-FF33-4597-B8F7-7F4A2CAC3902}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{06AE9000-6EBE-4D5E-BD81-C44BED71C686}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{07467861-9EFA-40EC-8E42-B9408AD2AA50}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{07AEDFA1-6015-47EA-8068-3A13514822C2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0A5859C9-AB18-48E5-9D37-C505CD7F1A61}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0C4ED472-5C2D-4EC6-A31B-7C3D52B466C0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0DA36DD7-7842-4073-BF49-E16DE83EF399}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0E85FF26-9CB6-48AB-B0E4-19D4640CF608}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{114DF098-32BA-4F8D-83FA-B9BD265FCCD2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{11AC8D57-996E-4C59-B8DE-5F1C459AB8EE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{12F0A458-4960-4039-9126-EDF8EFE2B134}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{136A67C2-7556-4FC6-AD99-C9D2B5D1B30B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{13B3BFA6-6DAA-4CA8-97C3-F9461BAAF12B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14C4D8C4-1553-4316-A810-13DF1A1BE98A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{15ECB7C9-E1E8-4C71-A74B-42915AEF5ADE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{168B7A22-28E9-4BED-B111-4FC740CF1D78}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1704A8A9-0C30-4397-B84C-B660888E72AC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{18E99246-3F25-40AE-940D-C64ADD0E211F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{192548FF-EA3B-47DD-96C6-D874DE530254}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{194B9785-9144-413A-A53B-B6ECC8F3BAE4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1A555C0A-2A86-4946-B367-AD28E0E7CE55}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1D977EB1-8ABD-4C3C-9C98-C750DAA8AC60}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1E126C33-92A0-4265-B8DC-755FCE2D0F20}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2361A12E-034F-42EB-87EE-576432BD79F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{240D7E07-5E11-4A8A-B88F-0305138B66BD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{246EE1F9-D1B7-44CA-8A96-BC03C434A762}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24851E44-2827-42E8-B7DE-A864909FEF6A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24AF6728-7CD1-4172-80D9-8F383C484776}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{252159BF-296D-43FC-83F7-7CF3FBD78C29}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{25CF3EFB-B67A-4309-8D36-AD740FEED305}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{262BBD93-EDB4-4E05-9552-A5435DCD495B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{27DBCB59-F3EC-45CE-B18F-72074FC8C17C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2818ED16-269B-4656-B64E-E96CB866D292}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2854C8CA-F42E-4402-A946-BB3388F945F7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2A710877-430F-451E-BB89-691E9B1B47EC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C4F541D-6040-4180-9AE4-3AEF26DE4050}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C5A8D21-16CC-42D2-AAF0-B0B7CC682DA6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2CC32001-87F5-4499-86FF-9A3B2F9A44C1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2E5195E2-6F74-401B-962A-987ECF632BF1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2FC4EAEA-D44F-4768-A795-D8E0BE7FEA30}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3402F2A2-6F7C-4147-BD2B-84432B67CA60}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{348DF894-4593-4965-95A5-A8E492A4EF07}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3630DA48-DE28-4175-992A-6EBD59054C60}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3852E3DC-0BC3-4651-AB47-A3F4E3ED2FCF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3922080D-30A6-4637-8196-D62B9E988FC3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{39312663-F66E-418F-91A6-436F799F6BA5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{39C184CF-2E55-4C49-B187-25605F17E0A7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A00737F-B8EB-491E-A160-8384F9B65BCD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A57A5FB-DE62-49E1-9829-C535A4BE7C68}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A6FB90A-E901-4C21-94FD-0261ADFD55E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3C0CBC89-D9C9-4965-97E4-0532647266B7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3F11806E-C55C-423D-80A2-49CDC7A41BBC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4183ED59-B36B-48EE-B365-EE8EFEFEE1B9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42D7B51D-D982-42BC-8D96-049533003FEE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{432E60C7-8CE2-4903-B22F-5612638C2263}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{43404680-90A1-488F-8B4D-872BB553E685}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{43555969-99D6-40CE-9599-E5BDA7DF8702}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4385288E-1F62-47AF-904B-D7A65A4E6C7A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{43C0FD37-ABE4-4DEB-9185-07E9CA517B6D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{473BCB20-DB42-4F20-A9F7-0A0E4E974BEF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{47C7FFA0-B1F3-4B44-B575-B8A6F0CED9EB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{48370C5F-332C-4FB0-8533-E931469C928A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{48CFF988-6E9A-4846-8430-72FFD7AFB8FC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B004529-91AE-4B8D-89F1-EF00DCEC560C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B8630DA-928B-468A-98B1-9CFEB698A095}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4D1F82D1-359E-4FD0-9367-33EB2E5260E7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{517F3480-A119-44B4-A11A-375008F39F25}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{521FE978-A1FA-4FAD-A2F6-DCC3CB54CB6F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{527DFE4F-B5E4-4426-BD3C-6E4CA502E214}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5280192E-B846-4E0F-84DE-446537CDCD6D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{54506A63-EDB9-48C7-9737-654D60633EED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{551E931B-07AB-4E95-A715-3A4BA08997B7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5800D291-CDF8-407E-8A5F-A802001D50C4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5884ED35-8DC2-41F8-9EA7-AC634974D439}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A65D8A4-7B78-450A-AD31-35B11F1059AE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5B448726-7CB7-4CEA-9C3D-15FD1D7A0AB3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5EAAEA22-388D-4E52-934D-73A4FF9B09AB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60C841DB-B6DE-4875-BCE5-4D0808C68223}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60FA484A-165C-4536-8F94-42AE75DFAA3A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{63052BA1-68B8-44AF-97BA-3E01E5D6D629}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6362CE3B-CF35-4908-B840-2164D694D239}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{641B57BA-B869-471A-A7DD-D26F53DD53BF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{651F4D04-916F-4790-A76C-91AB69AC4314}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{66E3E040-DF26-4E85-B5DD-AC6E501E4F0D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{678EB51C-108E-4954-8137-3E0FF9E28212}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{68D2B867-7EEC-4976-B618-B3E283A8A3C3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69BA8B03-4E6B-451D-9591-01EE49F9ED0B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69EA5E2C-824E-49BD-B35A-18433AF6D651}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6C80C28D-E7A2-4192-BB1A-7A6209B93340}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6E853171-F24A-4CE3-A87E-7E40AE31D962}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6E9A23A3-C7B5-4035-86E3-A5F47BA33B15}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6F666197-67BD-4131-B124-8C34632ACF3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7083321D-FD22-4768-9C93-95331CB2A348}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{72D3FD34-9885-4351-8F97-9C92CD4E4071}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{73EC267F-A8AD-40CA-98BD-29A50EA087DD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{75479B06-93A5-487F-868E-4DD95B2F1A2F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{75BFC5E0-E976-440E-AA1B-593E79926C81}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{75DF6841-86B9-431F-B774-4CF495E914E6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{781FA726-5299-410B-AEDD-7AD37302755F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{78D5A773-AEBE-41AF-B1DD-18934BB695BB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{79977F97-8422-4590-81EE-A875DDDCFA85}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7BF19669-E888-4DD5-BBC7-5148C824633C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7C82B686-9005-44FA-A17A-B981627E832F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7D6A7E50-BABE-4F2C-B5A5-0D365F814E0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7E3E6901-26D5-4FC4-8AE6-864AB20C1BD8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{837A0348-2F8C-4CDD-9728-63D3F7D8CA97}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{85B24B02-D67B-4CD2-949C-B8B6AD04B1B2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{860A0322-D30D-4BBA-A491-734A6808AAA8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{86E86B42-081E-464A-8BE8-3411A4E18689}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{86ECABB2-845D-431B-9AEF-D57E1852C916}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8742F593-6A56-441C-9EE3-6F0E106D078D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8AC4BCEC-AB6F-4293-A397-EB77126B3E10}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8B3F8BB3-4885-4E7B-8B9C-A236B46E086D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D7125A0-5909-4894-A3DF-7B4AAB17BA29}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8FA0A336-F2AA-47C6-B8C9-EA48D9909159}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8FD97CFE-0DDF-4342-814B-4B0A1A6251B6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9007F81D-81F3-4411-A11E-C7324AD28552}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91FC3B7B-0F0F-49EE-8B35-3C26A5DB8C67}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9298491C-C911-46C7-ABBD-137E4D5930F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{938C0C38-C8E7-4FC8-A68B-7CDA349F4E23}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{94E20F93-FB5C-4F99-8EC8-376962F8E7DE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9520DE2E-A91F-464A-801D-29148EAA6C09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9545F803-ECCF-4DDA-BB97-1062737710A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{985C6EB0-360F-4AE6-B6B5-22988DA9018C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{993EA2F8-35A6-46FA-883C-2F219029D0B9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{99CB1774-2377-4F01-9625-9B5B1B24F276}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9FB8A647-8C5A-4A7B-A3C3-97B15EDCDF0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A08ABBF8-E0BD-428D-8590-D0CC5D9983F6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A1600526-A5F6-461E-A122-1E1506F14CFF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A165C5FF-6AE2-4B89-9F12-1692FA025B22}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A35F3187-7F4F-436A-B08C-030EC3966A8C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A423E1FF-156A-4864-8980-3F4D29657091}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A4BC968D-BD08-4692-9052-13EC187FE198}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A5066D3C-B56B-4077-8F37-D932739437CF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A7DD924B-2CDA-4EDF-BC59-97DD7132EEBD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A9BE71DA-A449-4FAE-957B-71EB3F86709A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB1A61CF-C335-432C-BD06-CA93C1132EE8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AD3DE5E0-6341-4C04-A39A-872D84FB0DD2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AD8B0877-BAF4-4A63-B7F6-E522895154F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ADF81201-151A-4790-9F12-06745E674B09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AEE1430E-B615-468D-9EE2-B43A82CEB3E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B0A5FFBB-6CB8-4938-B8F3-D23640D497BA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B2797AF2-2E59-43DA-A370-2DDAAFE9B203}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B5C69ED6-F053-4896-90EE-09C463D956B3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B729EB6A-9F82-4308-B070-98B09E57892A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BAD5F7EA-1F09-4415-9A2C-8AAE4F419B39}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BD32F97F-0704-4BD7-BA4F-1BCFF33EF5D3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BD84F1C5-9509-46A1-96DB-48A7118D305D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BDFFBC4C-1176-425B-8E8F-C9C766E3D46A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BEBB49EB-3D60-4FFE-AE85-A7FB822E2464}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BF2E8E9A-29CA-459F-B254-EF5B836CF0C7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C2D2BC9F-C2F4-4AFD-AA0C-1FF8F42866D1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C31A54ED-0E9F-44CA-9A93-3852BD197CBF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C31F8CB4-9A5C-40BD-8F40-F90A5BD9A3E4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C42AB087-BEF3-4652-A393-226F52BA2EA8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C5D651EC-33F4-4A57-BEFD-92092F832E2B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C60D1CC8-6130-4F9B-ABA8-A4E3C8FF1EE0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C661D0CF-4A42-43F5-AC3B-DB7412B8EC5F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C6F005C2-B8F6-488B-A115-575D4F2ED26E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C870FCB9-4256-4E64-936E-8787CBDB88F0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C922ADF8-F0A5-41FA-89D5-28C810241373}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CA456B5B-DDFA-4168-B54B-423A1E8B8A56}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CA766132-0BB4-4D1D-B1ED-AD4F99735F45}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE98DD68-3EC1-4EB8-A08D-21C37D671BE7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D0655266-DEEC-483D-9859-30C43EC8F58D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D10869BD-0D3D-4A27-B369-A5E63A7676BA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D1C67045-69CE-46DA-B889-B5B37DC400C4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D1F02B20-4F27-4B50-8B5F-70DFC7FBCC3D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D238DCDE-562C-4CB3-9C8E-7466803B9678}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D24B3E2D-BA43-4EB1-8D39-57114BD1CAA8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D4F60E50-CEE5-46FD-A867-80A75BCB00D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D5559521-8CB9-49F0-82C6-BC1A9AC5BE18}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D583EDC3-26D1-43FF-BAB4-BB2124714E64}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D6AE33F5-E2D3-467F-A7C6-C2E812E2FF2C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D872F18D-726E-488D-BA5A-BFBD5C2EEF2E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D8E8820F-B895-476E-A75E-089B6333D597}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D999D606-D70F-44F4-9599-9B50DF4D15E7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DA97EF9F-7E33-4122-A9AD-17506D289381}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DAD05AC8-D2D9-4C2C-BA03-F957B1DD3B91}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB3F3C17-8259-4911-B747-881A67A93CCD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DBFA33F1-D60A-4F89-B8F1-5E66CA1A32ED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DC632E18-CD1C-4ED9-B6D3-F575092A9809}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DD4D6AEA-116C-4BD9-9413-384B2594B8E3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE6D027D-4645-4CFB-A77F-9AC390A41615}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E0A2E45C-8C0F-479F-85D6-119FDFA64682}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E2B2F9C5-FE9B-4D8F-B65F-B2D3E23A504B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E410B9E3-7A25-4A3E-93B8-063BC7DE2621}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E5386766-E66F-4291-832A-F9D7246F96DA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E5E1BB98-CF7F-4EAF-A4E7-29BBB2E69A0D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E5F52CCD-3B99-4512-B707-D01716CAD713}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E6343BAD-3E2E-4CD9-826B-8BCD8EA52CEF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E78FC80F-4638-4185-A6CB-D127E5177BAA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E7D2C320-FA0B-4DAF-BAA5-D9EB7BFA4BD5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E906F06C-B123-4BB5-A30A-281C2F5C1DA1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EBD122DD-E4D9-4CD0-8849-384D8970A0C4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EC243F82-0703-4414-899D-8FCAE04A2770}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ED28D68C-57B9-46C7-A2FC-8B4A23F5AF89}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EF1C60F5-C3B7-4919-A2B9-A9DDED3C88DB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F0BDCF9A-D4D3-468C-A651-82AA0B050B3C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F2E13ADF-8E19-469A-B025-F7A940855B24}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F4033811-B0D4-43DF-A3D0-76D3A1EE4981}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F4BFE378-26DF-4AC0-9279-C0D28F77C817}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F66F92AD-68F5-4F03-AA7A-99332A75BEB0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F719BA82-500F-442F-BDD3-520CBE05226A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F7D2CE16-4B3F-44FF-AAB5-6B56BD903CFD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F7E67613-CC46-4A7C-8E69-34F9952A52E1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F8145A68-4A40-4019-8D8D-CBA443D39C0F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F83D10CC-F38E-471E-804A-4424FE35373C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F84F2E55-6D5D-498D-AA88-9F955496D63D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F9064CF2-CA8E-492C-B307-A000BC27136C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FC861EEA-3732-42EC-BE29-C75DE19FBF4A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FE9C644F-4DE4-4D95-B7CB-D25B23DF6875}



~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\8oe4ji58.default\minidumps [2198 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.11.2014 at  0:39:45,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


Toolbars und 2 Maleware haben die Programme gefunden.
Wie gehts nun weiter ? Vielen Dank für deine bisherige Hilfe.


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by User (administrator) on USER-PC on 30-11-2014 13:12:58
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
() C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\bin32\nSvcAppFlt.exe
() C:\Program Files\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-04-25] ()
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [EmpoweringTechnology] => C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [319488 2008-04-25] ()
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [4873248 2014-10-14] (Emsisoft GmbH)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1071514771-2767416886-4067714436-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WEB.DE Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default
FF NewTab:  about:newtab
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: https://www.ixquick.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\webde-suche.xml

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-21]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-21]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-14] (Emsisoft GmbH)
R2 Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-01-25] (CyberLink) [File not signed]
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-04-25] () [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [598016 2008-01-29] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 nSvcIp; C:\Program Files\bin32\nSvcIp.exe [163840 2008-01-29] () [File not signed]
R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [File not signed]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-14] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-14] (Emsisoft GmbH)
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-11-30] (Malwarebytes Corporation)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 00:40 - 2014-11-30 12:57 - 00000000 ____D () C:\Users\User\Desktop\clean
2014-11-30 00:24 - 2014-11-30 00:24 - 00000000 ____D () C:\Windows\ERUNT
2014-11-30 00:23 - 2014-11-30 00:23 - 01707646 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-11-30 00:12 - 2014-11-30 00:20 - 00000000 ____D () C:\AdwCleaner
2014-11-30 00:12 - 2014-11-30 00:12 - 02148864 _____ () C:\Users\User\Downloads\AdwCleaner_4.102.exe
2014-11-29 23:45 - 2014-11-30 12:58 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-29 23:43 - 2014-11-29 23:43 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-29 23:43 - 2014-11-29 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-29 23:43 - 2014-11-29 23:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-29 23:43 - 2014-11-29 23:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-11-29 23:43 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-29 23:43 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-29 23:43 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-29 23:42 - 2014-11-29 23:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-29 18:23 - 2014-11-29 18:23 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-29 18:23 - 2014-11-29 18:23 - 00001113 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-29 18:12 - 2014-11-29 18:12 - 00000000 ____D () C:\Windows\pss
2014-11-28 19:19 - 2014-11-28 19:19 - 00000389 _____ () C:\Users\User\Desktop\script fehler.txt
2014-11-28 19:02 - 2014-11-28 19:03 - 00023390 _____ () C:\Users\User\Downloads\Addition.txt
2014-11-28 19:01 - 2014-11-30 13:12 - 00017358 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-28 17:31 - 2014-11-30 13:13 - 00000000 ____D () C:\FRST
2014-11-28 17:30 - 2014-11-28 17:30 - 01109504 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-11-27 13:07 - 2014-11-30 12:34 - 00111915 _____ () C:\Windows\setupact.log
2014-11-27 13:07 - 2014-11-30 12:34 - 00011476 _____ () C:\Windows\PFRO.log
2014-11-27 13:07 - 2014-11-27 13:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-26 11:42 - 2014-11-30 00:52 - 00279681 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 17:13 - 2014-11-20 17:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieBrowserModeList
2014-11-19 10:01 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 10:01 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-12 16:05 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 16:05 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 16:05 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 16:05 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 16:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 16:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 16:05 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 16:05 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 16:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 16:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 16:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 16:02 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 16:02 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 16:02 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 16:02 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 16:02 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 16:01 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 16:01 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 16:01 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 16:01 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 16:01 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 16:01 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 16:01 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 16:01 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 16:01 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 16:01 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 16:01 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 16:01 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 16:01 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 16:01 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 16:01 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 16:01 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 16:01 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 16:01 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 16:01 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 16:01 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 16:01 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 16:01 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 16:01 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 16:01 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 16:01 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 16:01 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 16:01 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 16:01 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 16:01 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 16:01 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 00:05 - 2014-11-12 00:05 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-11-12 00:05 - 2014-11-12 00:05 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-11-08 12:08 - 2014-11-29 18:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 12:56 - 2013-08-09 12:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-30 12:41 - 2011-03-09 13:56 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-30 12:41 - 2011-03-09 13:56 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-30 12:40 - 2011-03-09 14:19 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-30 12:35 - 2011-04-15 16:18 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-11-30 12:34 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-30 12:34 - 2008-05-09 10:54 - 00000147 _____ () C:\Windows\system32\agent.log
2014-11-30 12:34 - 2008-05-09 10:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-30 00:27 - 2011-04-29 21:21 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-26 11:56 - 2013-08-09 12:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 11:56 - 2013-08-09 12:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-18 12:11 - 2009-07-14 05:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-14 09:58 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-14 09:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 20:14 - 2009-07-14 05:33 - 00336496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 20:12 - 2014-05-14 14:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 20:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-12 18:44 - 2008-05-09 10:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 16:07 - 2013-08-14 11:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 16:03 - 2011-03-11 08:17 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-12 15:24 - 2008-05-09 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 8
2014-11-12 15:24 - 2008-05-09 10:53 - 00000000 ____D () C:\Program Files\NewTech Infosystems
2014-11-12 15:24 - 2008-05-09 09:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-11 23:46 - 2014-09-25 09:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-11-08 11:04 - 2011-03-11 09:48 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-11-04 14:30 - 2011-03-09 14:32 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 09:18

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Ich denke der Computer ist schon etwas schneller geworden. Trotzdem hängt er manchmal immernoch und gerade ist der Browser für 20 Sekunden gehangen. Freue mich auf deine Rückmeldung.

Nachtrag --> Browser friert öfters ein (für 20 -35 Sekunden (keine Rückmeldung)


Alt 30.11.2014, 17:57   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Computer ist sehr langsam und hängt manchmal

Alt 01.12.2014, 22:40   #7
dinok
 
Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



vielen Dank für deine bisherige Hilfe - Finde ich echt super

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ca920fec54cf12498a8f35e7f194908a
# engine=21338
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-01 08:27:06
# local_time=2014-12-01 09:27:06 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 234055 169053617 0 0
# compatibility_mode_1='Emsisoft Anti-Malware'
# compatibility_mode=16641 16777213 83 100 8496 218664714 0 0
# scanned=177020
# found=0
# cleaned=0
# scan_time=4547
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Emsisoft Anti-Malware   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 2.0.3.1025  
 Adobe Flash Player 	15.0.0.239  
 Adobe Reader 8 Adobe Reader out of Date! 
 Mozilla Firefox (33.1.1) 
````````Process Check: objlist.exe by Laurent````````  
 Emsisoft Anti-Malware a2service.exe   
 Emsisoft Anti-Malware a2guard.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01
Ran by User (administrator) on USER-PC on 01-12-2014 22:29:16
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User & UpdatusUser)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Acer\Empowering Technology\SysMonitor.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
() C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\bin32\nSvcAppFlt.exe
() C:\Program Files\bin32\nSvcIp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-04-25] ()
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] ()
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (Egis Incorporated)
HKLM\...\Run: [EmpoweringTechnology] => C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [319488 2008-04-25] ()
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [4954576 2014-12-01] (Emsisoft GmbH)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll (Egis Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1071514771-2767416886-4067714436-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/br/ie9_startpage
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {09038620-190C-402B-A92F-18864E6AB22F} URL = hxxp://go.1und1.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {40064957-18EB-412d-9146-3F57E8D92EEC} URL = hxxp://go.web.de/br/ie9_search_pic/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {5A817CF6-92D5-4DE5-AC38-82DF8A73EF28} URL = hxxp://go.gmx.net/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {6B1D1FB7-7233-4F7C-802C-21A1DDB12754} URL = hxxp://go.web.de/br/ie9_search_web/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {8D27B32E-89EE-460e-82D2-5FC354078EAD} URL = hxxp://go.web.de/br/ie9_search_produkte/?su={searchTerms}
SearchScopes: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> {DCE59F23-A446-45a5-9459-E68FDC0DE38D} URL = hxxp://go.web.de/br/ie9_search_maps/?su={searchTerms}
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: WEB.DE Toolbar BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1071514771-2767416886-4067714436-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
Tcpip\Parameters: [DhcpNameServer] 83.169.184.161 83.169.184.225

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default
FF NewTab:  about:newtab
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: https://www.ixquick.com/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\8oe4ji58.default\searchplugins\webde-suche.xml

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\25.0.1364.172\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-21]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-21]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-01-25] (CyberLink) [File not signed]
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-04-25] () [File not signed]
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [598016 2008-01-29] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 nSvcIp; C:\Program Files\bin32\nSvcIp.exe [163840 2008-01-29] () [File not signed]
R2 NTIBackupSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [File not signed]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-05-14] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-05-14] (Emsisoft GmbH)
S3 appliand; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.)
R3 appliandMP; C:\Windows\System32\DRIVERS\appliand.sys [28256 2010-06-24] (Applian Technologies Inc.)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2009-09-19] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2009-09-19] (MCCI Corporation)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [100224 2009-09-19] (MCCI Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 10:02 - 2014-12-01 10:02 - 00852490 _____ () C:\Users\User\Downloads\SecurityCheck.exe
2014-12-01 08:05 - 2014-12-01 08:05 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2014-11-30 17:31 - 2014-11-30 17:31 - 00000000 ____D () C:\Users\User\AppData\Local\{2CF8649A-372B-45E1-B8BC-61CBA6837EA0}
2014-11-30 17:00 - 2014-11-30 17:00 - 00000000 ____D () C:\Users\User\AppData\Local\{CF363B82-5B05-4ED0-80E4-E41B42CB9E19}
2014-11-30 16:59 - 2014-11-30 16:59 - 00000000 ____D () C:\Users\User\AppData\Local\{4A6BB5B2-12ED-4C91-9388-5CB23C7562A3}
2014-11-30 16:44 - 2014-11-30 16:44 - 00000000 ____D () C:\Users\User\AppData\Local\{FFE11B07-F9EC-4C95-ACEC-390C0BDA0039}
2014-11-30 16:38 - 2014-11-30 16:38 - 00000000 ____D () C:\Users\User\AppData\Local\{63331C96-8FEC-4DBF-87F9-71C93D7DBCB5}
2014-11-30 16:30 - 2014-11-30 16:30 - 00000000 ____D () C:\Users\User\AppData\Local\{B2460AC4-837A-4FDB-BB5B-F6D9980A70AC}
2014-11-30 15:37 - 2014-11-30 15:37 - 00000000 ____D () C:\Users\User\AppData\Local\{9B8D9163-F51A-48CF-B249-76152117C79A}
2014-11-30 00:40 - 2014-12-01 22:25 - 00000000 ____D () C:\Users\User\Desktop\clean
2014-11-30 00:24 - 2014-11-30 00:24 - 00000000 ____D () C:\Windows\ERUNT
2014-11-30 00:23 - 2014-11-30 00:23 - 01707646 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe
2014-11-30 00:12 - 2014-11-30 00:20 - 00000000 ____D () C:\AdwCleaner
2014-11-30 00:12 - 2014-11-30 00:12 - 02148864 _____ () C:\Users\User\Downloads\AdwCleaner_4.102.exe
2014-11-29 23:45 - 2014-11-30 13:36 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-29 23:43 - 2014-11-29 23:43 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-29 23:43 - 2014-11-29 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-29 23:43 - 2014-11-29 23:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-29 23:43 - 2014-11-29 23:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-11-29 23:43 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-29 23:43 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-29 23:43 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-29 23:42 - 2014-11-29 23:42 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-29 18:23 - 2014-11-29 18:23 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-29 18:23 - 2014-11-29 18:23 - 00001113 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-29 18:12 - 2014-11-29 18:12 - 00000000 ____D () C:\Windows\pss
2014-11-28 19:19 - 2014-11-28 19:19 - 00000389 _____ () C:\Users\User\Desktop\script fehler.txt
2014-11-28 19:02 - 2014-11-28 19:03 - 00023390 _____ () C:\Users\User\Downloads\Addition.txt
2014-11-28 19:01 - 2014-12-01 22:29 - 00017021 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-28 17:31 - 2014-12-01 22:29 - 00000000 ____D () C:\FRST
2014-11-28 17:30 - 2014-11-28 17:30 - 01109504 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-11-27 13:07 - 2014-12-01 21:16 - 00143659 _____ () C:\Windows\setupact.log
2014-11-27 13:07 - 2014-12-01 21:16 - 00017630 _____ () C:\Windows\PFRO.log
2014-11-27 13:07 - 2014-11-27 13:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-26 11:42 - 2014-12-01 21:21 - 00334912 _____ () C:\Windows\WindowsUpdate.log
2014-11-20 17:13 - 2014-11-20 17:13 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieBrowserModeList
2014-11-19 10:01 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 10:01 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-12 16:05 - 2014-11-05 18:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 16:05 - 2014-11-05 18:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 16:05 - 2014-11-05 18:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 16:05 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 16:05 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 16:05 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 16:05 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 16:05 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 16:05 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 16:05 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 16:05 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 16:05 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 16:05 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 16:02 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 16:02 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 16:02 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 16:02 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 16:02 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 16:01 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 16:01 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 16:01 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 16:01 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 16:01 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 16:01 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 16:01 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 16:01 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 16:01 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 16:01 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 16:01 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 16:01 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 16:01 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 16:01 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 16:01 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 16:01 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 16:01 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 16:01 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 16:01 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 16:01 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 16:01 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 16:01 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 16:01 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 16:01 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 16:01 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 16:01 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 16:01 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 16:01 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 16:01 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 16:01 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 00:05 - 2014-11-12 00:05 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList
2014-11-12 00:05 - 2014-11-12 00:05 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList
2014-11-08 12:08 - 2014-11-29 18:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-01 22:19 - 2011-04-15 16:18 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-12-01 21:56 - 2013-08-09 12:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-01 21:24 - 2011-03-09 13:56 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-01 21:24 - 2011-03-09 13:56 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-01 21:21 - 2011-03-09 14:19 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 21:16 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-01 21:16 - 2008-05-09 10:54 - 00000147 _____ () C:\Windows\system32\agent.log
2014-12-01 21:16 - 2008-05-09 10:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-30 16:59 - 2011-04-15 15:35 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-11-30 00:27 - 2011-04-29 21:21 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-29 18:43 - 2008-05-09 09:56 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-26 11:56 - 2013-08-09 12:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 11:56 - 2013-08-09 12:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-18 12:11 - 2009-07-14 05:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-14 09:58 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-14 09:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 20:14 - 2009-07-14 05:33 - 00336496 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 20:12 - 2014-05-14 14:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 20:12 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-12 18:44 - 2008-05-09 10:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 16:07 - 2013-08-14 11:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 16:03 - 2011-03-11 08:17 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-11-12 15:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-12 15:24 - 2008-05-09 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 8
2014-11-12 15:24 - 2008-05-09 10:53 - 00000000 ____D () C:\Program Files\NewTech Infosystems
2014-11-11 23:46 - 2014-09-25 09:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-11-08 11:04 - 2011-03-11 09:48 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-11-04 14:30 - 2011-03-09 14:32 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 09:18

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Vielen Dank für deine Hilfe

So bitte sehr Wie gehts nun weiter ?

Nachtrag: Gerade hat sich mein Computer und Browser wieder aufgehangen
Browser war 15 Sekunden auf Eieruhr und beim Computer konnte man ca. 40 Sekunden nichts machen.

Frag mich was das ist. Was kann ich noch machen damit meion Computer wieder normal läuft?

Lg Sandra

Alt 02.12.2014, 20:39   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.12.2014, 22:14   #9
dinok
 
Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



leider funktioniert der Link nicht.
hxxp://download.sysinternals.com/Files/ProcessExplorer.zip

habe ich da was falsch gemacht oder liegt das am LInk?



Bitte um Hilfe. Danke



Nachtrag: Es kommt folgendes weisses Bild mit folgendem Text.

Mit dieser XML-Datei sind anscheinend keine Style-Informationen verknüpft. Nachfolgend wird die Baum-Ansicht des Dokuments angezeigt.
<Error><Code>OutOfRangeInput</Code><Message>One of the request inputs is out of range.
RequestId:8dae18d6-0001-000b-1043-5be166000000
Time:2014-12-02T20:17:00.7646064Z</Message></Error>

Nachtrag: haben eben das Programm über einen anderen Anbieter heruntergeladen.

System Idle Process frisst bei mir 40 - 85% CPU

Kann aber den Process nicht stoppen.
Mittlerweille hängt sich mein Computer alle 30 bis 40 sekunden auf ( während ich das neue Programm lafen lasse.
Was kann ich tun. ?

Alt 03.12.2014, 19:42   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Computer ist sehr langsam und hängt manchmal - Standard

Computer ist sehr langsam und hängt manchmal



Zitat:
System Idle Process frisst bei mir 40 - 85% CPU

Kann aber den Process nicht stoppen.
Das muss ja auch so sein. Das ist der Leerlauf.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Computer ist sehr langsam und hängt manchmal
100%, anti, antworten, bildschirm, browser, chrome://unitedtb/content/newtab/newtab-page.xhtml, computer, computer hängt, computer langsam, fertig, helft, home, hängt, installiert, langsam, neue, neuen, problem, programm, scan, schwarzer, schwarzer bildschirm, tab, toolbar, viren, web, wissen, worte



Ähnliche Themen: Computer ist sehr langsam und hängt manchmal


  1. Windows 10 hängt sehr oft und reagiert nur sehr langsam
    Log-Analyse und Auswertung - 15.11.2015 (11)
  2. Windows 7: Rechner hängt/ sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 30.07.2015 (11)
  3. Windows 7 Laptop wird manchmal sehr langsam oder hängt sich ganz auf
    Log-Analyse und Auswertung - 26.08.2014 (15)
  4. Win7 manchmal normal, manchmal sehr sehr langsam
    Log-Analyse und Auswertung - 28.06.2014 (29)
  5. Laptop seit vorgestern langsam, hängt sich manchmal auf
    Plagegeister aller Art und deren Bekämpfung - 23.12.2013 (11)
  6. WIN7: sehr langsam, Seiten im IE manchmal schwarz, Virenscanner läuft nicht durch
    Log-Analyse und Auswertung - 09.11.2013 (14)
  7. Pc aufeinmal sehr Langsam und Hängt
    Plagegeister aller Art und deren Bekämpfung - 11.04.2012 (3)
  8. Pc ist extrem langsam und hängt sich manchmal auf.
    Alles rund um Windows - 25.03.2012 (5)
  9. Google lädt nur sehr langsam und öffnet manchmal Werbeseiten (vermutlich durch Facebook infiziert)
    Log-Analyse und Auswertung - 02.11.2011 (8)
  10. Computer Problem sehr sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 27.04.2011 (7)
  11. Prozesse doppelt, PC sehr sehr langsam, hängt sich auf, noch zu retten?
    Log-Analyse und Auswertung - 30.06.2010 (2)
  12. pc sehr langsam, maus hängt ab und zu
    Log-Analyse und Auswertung - 30.12.2008 (6)
  13. pc sehr langsam, maus hängt ab und zu
    Mülltonne - 28.12.2008 (0)
  14. Computer geht manchmal von selbst aus und manchmal verzerrte Grafiken.
    Plagegeister aller Art und deren Bekämpfung - 21.11.2008 (0)
  15. Laptop spinnt (manchmal!) sehr langsam -> Trojaner etc.?!
    Plagegeister aller Art und deren Bekämpfung - 10.10.2007 (8)
  16. pc hängt und sehr langsam- bitte überprüfen
    Log-Analyse und Auswertung - 09.09.2006 (1)
  17. ie sehr langsam und pc hängt dauernd
    Log-Analyse und Auswertung - 16.10.2005 (2)

Zum Thema Computer ist sehr langsam und hängt manchmal - Hallo trojaner-board Team, seit ein paar Tagen ist mein Computer sehr langsam + wenn ich neuen Tab im Browser drücke kommt chrome://unitedtb/content/newtab/newtab-page.xhtml. Manchmal hängt er auch komplett. Ich weiss nicht - Computer ist sehr langsam und hängt manchmal...
Archiv
Du betrachtest: Computer ist sehr langsam und hängt manchmal auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.