Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.04.2015, 20:23   #1
amon76
 
Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Standard

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.



Hallo, hoffe jemand kann mir helfen .Mein Windows läd immer für kurze Zeit etwas im Hintergrund(Sanduhr).Dadurch kann ich nix anständig schreiben.Aus 3 Wörtern werden 1 unleserliches und das nervt.Mein Mauszeiger springt immer in die Mitte des Bildschirms und in Spielen seh ich immer die Taskleiste und muss zum schiessen zb 2 mal die Maus drücken.1 mal zum reaktivieren der Maus und das zweite mal zum schiessen.
Habe schon gmer,frst64 und defogger herunter geladen.
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-04-20 21:13:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-3 ADATA_SSD_S510_120GB rev.3.3.2 111,79GB
Running: Gmer-19357.exe; Driver: C:\Users\amon76\AppData\Local\Temp\uwdiqpog.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000075be1401 2 bytes JMP 7560b1ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000075be1419 2 bytes JMP 7560b31a C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000075be1431 2 bytes JMP 75688f09 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      0000000075be144a 2 bytes CALL 755e4885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                          * 9
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         0000000075be14dd 2 bytes JMP 75688802 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  0000000075be14f5 2 bytes JMP 756889d8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         0000000075be150d 2 bytes JMP 756886f8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000075be1525 2 bytes JMP 75688ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        0000000075be153d 2 bytes JMP 755ffc78 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             0000000075be1555 2 bytes JMP 756068bf C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      0000000075be156d 2 bytes JMP 75688fc1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000075be1585 2 bytes JMP 75688b22 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           0000000075be159d 2 bytes JMP 756886bc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        0000000075be15b5 2 bytes JMP 755ffd11 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      0000000075be15cd 2 bytes JMP 7560b2b0 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  0000000075be16b2 2 bytes JMP 75688e84 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[1976] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  0000000075be16bd 2 bytes JMP 75688651 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82                                                             0000000071e417fa 2 bytes CALL 755e11a9 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88                                                         0000000071e41860 2 bytes CALL 755e11a9 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98                                                       0000000071e41942 2 bytes JMP 75c47089 C:\Windows\syswow64\WS2_32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109                                                      0000000071e4194d 2 bytes JMP 75c4cba6 C:\Windows\syswow64\WS2_32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                               0000000075be1401 2 bytes JMP 7560b1ef C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                 0000000075be1419 2 bytes JMP 7560b31a C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                               0000000075be1431 2 bytes JMP 75688f09 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                               0000000075be144a 2 bytes CALL 755e4885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                          * 9
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                  0000000075be14dd 2 bytes JMP 75688802 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                           0000000075be14f5 2 bytes JMP 756889d8 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                  0000000075be150d 2 bytes JMP 756886f8 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                           0000000075be1525 2 bytes JMP 75688ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                 0000000075be153d 2 bytes JMP 755ffc78 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                      0000000075be1555 2 bytes JMP 756068bf C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                               0000000075be156d 2 bytes JMP 75688fc1 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                 0000000075be1585 2 bytes JMP 75688b22 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                    0000000075be159d 2 bytes JMP 756886bc C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                 0000000075be15b5 2 bytes JMP 755ffd11 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                               0000000075be15cd 2 bytes JMP 7560b2b0 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                           0000000075be16b2 2 bytes JMP 75688e84 C:\Windows\syswow64\kernel32.dll
.text   C:\Windows\SysWOW64\PnkBstrA.exe[1248] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                           0000000075be16bd 2 bytes JMP 75688651 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                  0000000075be1401 2 bytes JMP 7560b1ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                    0000000075be1419 2 bytes JMP 7560b31a C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                  0000000075be1431 2 bytes JMP 75688f09 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                  0000000075be144a 2 bytes CALL 755e4885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                          * 9
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                     0000000075be14dd 2 bytes JMP 75688802 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17              0000000075be14f5 2 bytes JMP 756889d8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                     0000000075be150d 2 bytes JMP 756886f8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17              0000000075be1525 2 bytes JMP 75688ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                    0000000075be153d 2 bytes JMP 755ffc78 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                         0000000075be1555 2 bytes JMP 756068bf C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                  0000000075be156d 2 bytes JMP 75688fc1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                    0000000075be1585 2 bytes JMP 75688b22 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                       0000000075be159d 2 bytes JMP 756886bc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                    0000000075be15b5 2 bytes JMP 755ffd11 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                  0000000075be15cd 2 bytes JMP 7560b2b0 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20              0000000075be16b2 2 bytes JMP 75688e84 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe[2456] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31              0000000075be16bd 2 bytes JMP 75688651 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                  0000000075c02ab1 5 bytes JMP 0000000100382ac0
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17            0000000075be1401 2 bytes JMP 7560b1ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17              0000000075be1419 2 bytes JMP 7560b31a C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17            0000000075be1431 2 bytes JMP 75688f09 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42            0000000075be144a 2 bytes CALL 755e4885 C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                                          * 9
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17               0000000075be14dd 2 bytes JMP 75688802 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17        0000000075be14f5 2 bytes JMP 756889d8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17               0000000075be150d 2 bytes JMP 756886f8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17        0000000075be1525 2 bytes JMP 75688ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17              0000000075be153d 2 bytes JMP 755ffc78 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                   0000000075be1555 2 bytes JMP 756068bf C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17            0000000075be156d 2 bytes JMP 75688fc1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17              0000000075be1585 2 bytes JMP 75688b22 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                 0000000075be159d 2 bytes JMP 756886bc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17              0000000075be15b5 2 bytes JMP 755ffd11 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17            0000000075be15cd 2 bytes JMP 7560b2b0 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20        0000000075be16b2 2 bytes JMP 75688e84 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2780] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31        0000000075be16bd 2 bytes JMP 75688651 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [2340:4224]                                                                                                  000007fef1b79688

---- Registry - GMER 2.1 ----

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by amon76 (administrator) on AMON76-PC on 20-04-2015 20:53:58
Running from C:\Users\amon76\Desktop
Loaded Profiles: amon76 &  (Available profiles: amon76)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Windows\SysWOW64\ENAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\amon76\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.de%2F&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIE8SRC
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B9&OHP=http%3A%2F%2Fwww.google.de%2F&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIE8SRC
SearchScopes: HKLM-x32 -> URL hxxp://search.certified-toolbar.com?si=42102&bs=true&tid=2876&q={searchTerms}
SearchScopes: HKLM-x32 -> SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=42102&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4190772589-3034055397-1220891959-1000 -> URL hxxp://search.certified-toolbar.com?si=42102&bs=true&tid=2876&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4190772589-3034055397-1220891959-1000 -> SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=42102&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://search.certified-toolbar.com?si=42102&bs=true&tid=2876&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=42102&gid=1&dbCode=1&command={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2013-09-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2013-09-13] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF Homepage: https://www.google.de
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "64.62.233.67"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "64.62.233.67"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "64.62.233.67"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "64.62.233.67"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-12] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-01-22] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4190772589-3034055397-1220891959-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\amon76\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-12] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4190772589-3034055397-1220891959-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\amon76\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-4190772589-3034055397-1220891959-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\amon76\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-12] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\amon76\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\searchplugins\google-images.xml [2014-06-27]
FF SearchPlugin: C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\searchplugins\google-maps.xml [2014-06-27]
FF Extension: WEB.DE MailCheck - C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\Extensions\toolbar@web.de [2015-04-06]
FF Extension: DownloadHelper - C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-17]
FF Extension: Add to Amazon Wish List Button - C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\Extensions\amznUWL2@amazon.com.xpi [2013-10-01]
FF Extension: ProxTube - Unblock YouTube - C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\Extensions\ich@maltegoetz.de.xpi [2014-11-19]
FF Extension: YouTube MP3 Downloadhelper - C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\Extensions\info@sharkcube.com.xpi [2013-07-09]
FF Extension: Adblock Plus - C:\Users\amon76\AppData\Roaming\Mozilla\Firefox\Profiles\teqbcc0m.default-1372452320897\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-03-22]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-03-22]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-02-03]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\amon76\AppData\Local\InfoBirdPro.crx [2013-08-01]
CHR HKU\S-1-5-21-4190772589-3034055397-1220891959-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\amon76\AppData\Local\InfoBirdPro.crx [2013-08-01]
CHR HKU\S-1-5-21-4190772589-3034055397-1220891959-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\amon76\AppData\Local\InfoBirdPro.crx [2013-08-01]
CHR HKLM-x32\...\Chrome\Extension: [icanoneicgaahjbilcgdmnhoocddknbl] - C:\Users\amon76\AppData\Local\InfoBirdPro.crx [2013-08-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\amon76\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]
CHR HKLM-x32\...\Chrome\Extension: [odnofacmifkjndflfmmplhckcbfjckhj] - C:\Program Files (x86)\LyriXeeker\125.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ENAgent; C:\Windows\SysWOW64\ENAgent.exe [4209856 2012-07-05] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3804120 2011-08-07] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-03-28] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94208 2013-09-24] (Advanced Micro Devices) [File not signed]
S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34136 2014-01-16] (KORG INC.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4774 2012-02-01] (INCA Internet Co., Ltd.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-01-10] (Anchorfree Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-07-19] (TuneUp Software)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK_HardwareMonitor.sys [14544 2015-04-20] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [X]
S3 cpuz137; \??\C:\Users\amon76\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
U4 RAMDiskVE; No ImagePath
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 20:53 - 2015-04-20 20:54 - 00025813 _____ () C:\Users\amon76\Desktop\FRST.txt
2015-04-20 20:52 - 2015-04-20 20:52 - 02099712 _____ (Farbar) C:\Users\amon76\Desktop\FRST64.exe
2015-04-20 20:51 - 2015-04-20 20:51 - 00448512 _____ (OldTimer Tools) C:\Users\amon76\Downloads\TFC.exe
2015-04-20 20:47 - 2015-04-20 20:47 - 00852616 _____ () C:\Users\amon76\Downloads\SecurityCheck.exe
2015-04-20 20:43 - 2015-04-20 20:43 - 00016735 _____ () C:\Users\amon76\Desktop\xpTAoydH.htm
2015-04-20 20:04 - 2015-04-20 20:30 - 00001908 _____ () C:\Windows\diagwrn.xml
2015-04-20 20:04 - 2015-04-20 20:30 - 00001908 _____ () C:\Windows\diagerr.xml
2015-04-20 10:25 - 2015-04-20 10:25 - 00000542 _____ () C:\Windows\PFRO.log
2015-04-18 17:58 - 2015-04-18 18:11 - 105236380 _____ () C:\Users\amon76\Downloads\T&T_Bitd.rar
2015-04-18 12:15 - 2015-04-18 12:15 - 00002988 _____ () C:\Windows\System32\Tasks\{D0624A74-1740-4B57-A84A-F7C7A306FA07}
2015-04-18 12:01 - 2015-04-20 20:44 - 00000000 ____D () C:\ProgramData\SecTaskMan
2015-04-18 12:01 - 2015-04-18 12:01 - 00000000 ____D () C:\Users\amon76\AppData\Local\SecTaskMan
2015-04-18 11:42 - 2015-04-18 11:42 - 02217984 _____ () C:\Users\amon76\Downloads\adwcleaner_4.201(1).exe
2015-04-18 11:22 - 2015-04-18 11:22 - 02931056 _____ () C:\Users\amon76\Downloads\SecurityTaskManager_Setup.exe
2015-04-18 11:11 - 2015-04-18 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2015-04-18 11:01 - 2015-04-18 11:03 - 05566150 _____ () C:\Users\amon76\Downloads\Manager1.8g.rar
2015-04-17 16:20 - 2015-04-20 20:39 - 00001794 _____ () C:\Windows\setupact.log
2015-04-17 16:20 - 2015-04-20 20:12 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-17 12:52 - 2015-04-17 12:52 - 05344528 _____ (Piriform Ltd) C:\Users\amon76\Downloads\ccsetup504(1).exe
2015-04-16 15:12 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-16 15:12 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-16 15:12 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-16 15:12 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-16 15:12 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-16 15:12 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-16 15:12 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-16 15:12 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-16 15:12 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-16 15:12 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-16 15:12 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-16 15:12 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-16 15:12 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-16 15:12 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-16 15:12 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-16 15:12 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-16 15:12 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-16 15:12 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-16 15:12 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-16 15:12 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-16 15:12 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-16 15:12 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-16 15:12 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-16 15:12 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-16 15:12 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-16 15:12 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-16 15:12 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-16 15:12 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-16 15:12 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-16 15:12 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-16 15:12 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-16 15:12 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-16 15:12 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-16 15:12 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-16 15:12 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-16 15:12 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-16 15:12 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-16 15:12 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-16 15:12 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-16 15:12 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-16 15:12 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-16 15:12 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-16 15:12 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-16 15:12 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-16 15:12 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-16 15:12 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-16 15:12 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-16 15:12 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-16 15:12 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-16 15:12 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-16 15:12 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-16 15:12 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-16 15:12 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-16 15:12 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-16 15:12 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-16 15:12 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-16 15:12 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-16 15:12 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-16 15:11 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-16 15:11 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-16 15:11 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-16 15:11 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 15:11 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-16 15:11 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-16 15:11 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-16 15:11 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-16 15:11 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-16 15:11 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-16 15:11 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-16 15:11 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-16 15:11 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-16 15:11 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-16 15:11 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-16 15:11 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-16 15:11 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-16 15:11 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-16 15:11 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-16 15:11 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-16 15:11 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-16 15:11 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-16 15:11 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-16 15:11 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-16 15:11 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-16 15:11 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-16 15:11 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-16 15:11 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-16 15:11 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-16 15:11 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-16 15:11 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 15:11 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-16 15:11 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-16 15:11 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-16 15:11 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 15:11 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-16 15:11 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-16 15:10 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 15:10 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 15:10 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 21:42 - 2015-04-15 21:43 - 00000153 _____ () C:\Users\amon76\Desktop\Gasmagazine.url
2015-04-14 22:31 - 2015-04-14 22:31 - 00019340 _____ () C:\Users\amon76\Downloads\hk416-wallpaper.htm
2015-04-14 22:16 - 2015-04-14 22:16 - 00000604 _____ () C:\Users\amon76\Downloads\Neues Textdokument.txt
2015-04-12 14:09 - 2015-04-12 14:18 - 00000000 ___DC () C:\ComboFix
2015-04-12 14:06 - 2015-04-20 20:53 - 00000000 ___DC () C:\FRST
2015-04-12 11:40 - 2015-04-12 11:40 - 01219571 _____ () C:\Windows\unins000.exe
2015-04-12 11:30 - 2015-04-12 11:30 - 00001412 _____ () C:\Users\amon76\Documents\profile.conf
2015-04-11 17:55 - 2015-04-11 17:55 - 00000146 _____ () C:\Users\amon76\Desktop\GBBs.url
2015-04-11 15:12 - 2015-02-05 19:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-11 15:06 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-11 15:06 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-11 15:06 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-11 15:06 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-11 15:06 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-11 15:06 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-11 15:06 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-11 15:06 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-11 15:06 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-11 15:06 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-10 15:21 - 2015-02-20 02:18 - 00074056 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-10 15:21 - 2015-02-20 02:18 - 00060560 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-10 15:21 - 2015-02-05 21:07 - 06861128 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-10 15:21 - 2015-02-05 21:07 - 03517584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-10 15:21 - 2015-02-05 21:07 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-10 15:21 - 2015-02-05 21:07 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-10 15:21 - 2015-02-05 21:07 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-10 15:21 - 2015-02-05 21:06 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-10 15:21 - 2015-02-05 14:50 - 04236870 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-10 15:20 - 2015-02-20 02:18 - 16017040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-10 15:20 - 2015-02-20 02:18 - 14119744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-10 15:20 - 2015-02-20 02:18 - 03299512 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-10 15:20 - 2015-02-20 02:18 - 02902784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-10 15:20 - 2015-02-20 02:18 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-10 15:20 - 2015-02-20 02:18 - 00027441 _____ () C:\Windows\system32\nvinfo.pb
2015-04-10 15:20 - 2015-02-04 05:56 - 01907400 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434144.dll
2015-04-10 15:20 - 2015-02-04 05:56 - 01555656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434144.dll
2015-04-09 19:03 - 2015-04-09 19:07 - 283376896 _____ (NVIDIA Corporation) C:\Users\amon76\Downloads\341.44-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-04-09 19:01 - 2015-04-09 19:01 - 02217984 _____ () C:\Users\amon76\Downloads\adwcleaner_4.201.exe
2015-04-09 18:17 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-09 18:17 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-09 18:17 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-09 18:17 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-09 18:17 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-09 18:17 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-09 18:17 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-09 18:17 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-08 20:00 - 2015-04-08 20:01 - 00000150 _____ () C:\Users\amon76\Desktop\LIANG.url
2015-04-07 18:25 - 2015-04-07 18:25 - 00000000 ___DC () C:\Program Files (x86)\AGEIA Technologies
2015-04-05 21:55 - 2015-03-27 17:15 - 00000000 ____D () C:\Users\amon76\Desktop\JODECI
2015-04-05 16:27 - 2015-04-05 16:28 - 41349176 _____ () C:\Users\amon76\Downloads\WEB.DE_Firefox_Setup.exe
2015-03-29 10:02 - 2015-03-29 10:03 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-29 10:02 - 2015-03-29 10:02 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-03-27 22:58 - 2015-03-27 22:59 - 11123720 _____ () C:\Users\amon76\Downloads\YTDSetup.exe
2015-03-27 22:53 - 2015-03-27 22:46 - 00449919 ____R () C:\Windows\system32\Drivers\etc\hosts.20150327-215331.backup
2015-03-25 19:41 - 2015-03-25 19:41 - 05344528 _____ (Piriform Ltd) C:\Users\amon76\Downloads\ccsetup504.exe
2015-03-23 20:13 - 2015-03-23 20:13 - 00001022 _____ () C:\Users\amon76\Desktop\It's Too Late' - Verknüpfung.lnk
2015-03-22 11:16 - 2015-04-08 11:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 20:47 - 2009-07-14 06:45 - 00029952 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-20 20:47 - 2009-07-14 06:45 - 00029952 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-20 20:45 - 2011-12-21 11:54 - 38205412 _____ () C:\Windows\system32\perfh007.dat
2015-04-20 20:45 - 2011-12-21 11:54 - 12039666 _____ () C:\Windows\system32\perfc007.dat
2015-04-20 20:45 - 2009-07-14 07:13 - 00006472 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-20 20:42 - 2015-01-18 22:10 - 01605929 _____ () C:\Windows\WindowsUpdate.log
2015-04-20 20:42 - 2014-04-10 21:40 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 20:39 - 2013-11-13 21:09 - 00043334 _____ () C:\Windows\SysWOW64\‰š‹œž‘’“”•–—˜™š›œžÿ*¡¢£¤¥¦§¨©ª«¬*®¯°±²³´µ¶·¸¹º»¼½¾¿àáâãäåæçèéêëìíîïðñòóôõö×øùúûüýþßàáâãäåæçèéêëìíîïðñòóôõö÷øùúûüýþÿ1
2015-04-20 20:39 - 2011-12-20 20:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-20 20:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-20 20:03 - 2012-04-15 23:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-20 10:25 - 2012-01-15 02:33 - 00000000 ____D () C:\Users\amon76\AppData\Local\CrashDumps
2015-04-20 10:23 - 2013-12-12 01:02 - 00000021 _____ () C:\Users\amon76\AppData\Roaming\config_data.dat
2015-04-18 12:08 - 2012-11-03 15:17 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-04-18 11:47 - 2013-11-20 21:56 - 00000000 ___DC () C:\AdwCleaner
2015-04-18 10:53 - 2012-08-16 17:02 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2015-04-17 14:38 - 2011-12-20 21:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-04-17 12:52 - 2011-12-21 00:30 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-17 12:52 - 2011-12-21 00:30 - 00000000 ___DC () C:\Program Files\CCleaner
2015-04-16 16:27 - 2015-03-19 23:24 - 00000000 ____D () C:\Windows\rescache
2015-04-16 15:28 - 2011-12-25 16:08 - 00000000 ____D () C:\Users\amon76\AppData\Roaming\vlc
2015-04-16 15:22 - 2013-08-15 12:52 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 15:22 - 2012-11-19 00:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 15:17 - 2011-12-21 03:01 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 22:12 - 2012-02-19 13:59 - 00000000 ____D () C:\Users\amon76\AppData\Roaming\Skype
2015-04-14 19:03 - 2013-07-26 18:54 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 19:03 - 2012-04-15 23:48 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 19:03 - 2011-12-21 00:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 22:31 - 2013-11-09 11:48 - 00000058 _____ () C:\Users\amon76\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-04-12 14:16 - 2009-07-14 04:34 - 00000215 ____C () C:\Windows\system.ini
2015-04-12 14:09 - 2015-03-08 11:04 - 00000000 ___DC () C:\Qoobox
2015-04-12 12:06 - 2013-06-20 20:52 - 00000000 ____D () C:\Users\amon76\AppData\Roaming\TS3Client
2015-04-12 12:03 - 2009-07-14 04:34 - 00449919 ____R () C:\Windows\system32\Drivers\etc\hosts.20150416-153722.backup
2015-04-12 11:40 - 2014-04-04 19:58 - 00034690 _____ () C:\Windows\unins000.dat
2015-04-12 11:40 - 2014-04-04 19:58 - 00000000 ___DC () C:\Program Files (x86)\Top Gaming Mouse Equipment
2015-04-12 11:40 - 2014-04-04 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Top Gaming Mouse Equipment
2015-04-11 21:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-11 15:12 - 2013-06-19 07:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-10 15:22 - 2013-07-03 15:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-10 15:21 - 2011-12-20 20:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-10 15:21 - 2011-12-20 20:21 - 00000000 ___DC () C:\Program Files\NVIDIA Corporation
2015-04-10 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-04-09 23:20 - 2014-12-14 04:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-09 23:20 - 2014-05-06 11:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-09 18:09 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2015-04-08 11:00 - 2012-05-02 21:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 22:20 - 2009-07-14 04:34 - 00449919 ____R () C:\Windows\system32\Drivers\etc\hosts.20150412-120320.backup
2015-04-07 18:15 - 2013-07-03 15:35 - 00001381 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-04-05 22:11 - 2011-12-20 21:00 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-05 22:11 - 2011-12-20 21:00 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-05 16:38 - 2012-01-08 01:03 - 00000000 ____D () C:\Users\amon76\AppData\Roaming\Azureus
2015-03-28 17:44 - 2011-12-20 23:06 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-28 17:35 - 2011-12-20 23:06 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-03-28 17:29 - 2013-12-04 00:13 - 00000000 ___DC () C:\Program Files (x86)\Origin
2015-03-28 17:29 - 2012-08-22 15:32 - 00000000 ____D () C:\ProgramData\Origin
2015-03-28 05:44 - 2014-06-02 21:58 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2013-10-31 07:47 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-06-02 21:58 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2013-10-31 07:47 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-27 22:53 - 2009-07-14 04:34 - 00449919 ____R () C:\Windows\system32\Drivers\etc\hosts.20150407-222003.backup
2015-03-24 19:15 - 2014-04-10 21:40 - 00000000 ___DC () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-24 19:15 - 2014-04-10 21:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-24 19:15 - 2013-02-24 01:47 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-24 13:26 - 2012-04-06 17:58 - 00010490 _____ () C:\Windows\wininit.ini
2015-03-24 13:01 - 2015-02-27 18:30 - 00000000 ___HD () C:\Users\amon76\AppData\Local\System-gear
2015-03-24 12:48 - 2009-07-14 04:34 - 00449919 ____R () C:\Windows\system32\Drivers\etc\hosts.20150327-214646.backup
2015-03-24 12:45 - 2012-01-08 01:03 - 00000770 _____ () C:\Users\Public\Desktop\Vuze.lnk
2015-03-24 12:45 - 2012-01-08 01:03 - 00000770 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk

==================== Files in the root of some directories =======

2013-12-12 01:02 - 2015-04-20 10:23 - 0000021 _____ () C:\Users\amon76\AppData\Roaming\config_data.dat
2012-02-28 20:20 - 2012-02-28 20:20 - 0069833 _____ () C:\Users\amon76\AppData\Roaming\icarus-dxdiag.xml
2013-07-27 11:26 - 2013-08-30 11:30 - 0000075 _____ () C:\Users\amon76\AppData\Roaming\WB.CFG
2013-07-26 20:26 - 2013-08-30 11:30 - 0000005 _____ () C:\Users\amon76\AppData\Roaming\WBPU-TTL.DAT
2014-08-13 11:18 - 2014-08-13 20:54 - 0006144 _____ () C:\Users\amon76\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-09 11:48 - 2015-04-12 22:31 - 0000058 _____ () C:\Users\amon76\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2013-08-01 07:29 - 2013-08-01 07:29 - 0051157 _____ () C:\Users\amon76\AppData\Local\InfoBirdPro.crx
2011-12-21 22:35 - 2011-12-21 22:35 - 0007605 _____ () C:\Users\amon76\AppData\Local\Resmon.ResmonCfg
2011-12-20 21:23 - 2011-12-20 21:23 - 0000000 _____ () C:\Users\amon76\AppData\Local\{EBDF1913-4F57-4353-BF4E-823E09C70047}
2012-01-06 17:24 - 2012-01-23 15:44 - 0000040 ___SH () C:\ProgramData\.zreglib
2012-08-26 13:13 - 2012-08-26 13:13 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
2013-09-17 22:36 - 2013-07-19 22:36 - 0000032 ____R () C:\ProgramData\hash.dat
2011-12-29 15:56 - 2013-02-16 20:21 - 0009275 _____ () C:\ProgramData\hpzinstall.log
2012-10-01 14:36 - 2013-10-04 21:48 - 0006080 _____ () C:\ProgramData\NanoRepository.bin
2012-10-01 14:36 - 2013-09-29 22:21 - 0006080 _____ () C:\ProgramData\NanoRepository.bin.bak

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\SIntf16.dll
C:\Windows\SysWOW64\SIntf32.dll
C:\Windows\SysWOW64\SIntfNT.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-16 16:20

==================== End Of Log ============================
         
--- --- --- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001a7dda7107 Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001a7dda7107@002566841294 0x1B 0xA1 0x98 0x99 ... Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001a7dda7107 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001a7dda7107@002566841294 0x1B 0xA1 0x98 0x99 ... Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_NvStreamNetworkS_66b791336e597ab5dc21e23648c19a025a43_091dfd61 Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@CheckingForSolutionDialog 0x04 0x01 0xC0 0x00 ... Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@ExcludeProfileDirs AppData\Local;AppData\LocalLow;$Recycle.Bin Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@BuildNumber 7601 Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@FirstLogon 0 Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@ParseAutoexec 1 ---- EOF - GMER 2.1 ----
Angehängte Dateien
Dateityp: log defogger_disable.log (474 Bytes, 75x aufgerufen)
Dateityp: log GMER LOG.log (18,6 KB, 74x aufgerufen)

Geändert von amon76 (20.04.2015 um 20:59 Uhr)

Alt 20.04.2015, 20:53   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Standard

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.



Hi,

Logs bitte immer in Codetags in den thread posten, nicht anhaengen.
__________________

__________________

Alt 21.04.2015, 18:09   #3
amon76
 
Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Standard

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.



Jetzt kommt alle 4 Sekunden die Sanduhr kurz.
__________________

Alt 22.04.2015, 08:42   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Standard

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.



Dann poste die Logs aus dem Safe Mode.



Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.04.2015, 09:32   #5
amon76
 
Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Standard

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.



Hallo,hab heute Nacht Eset durchlaufen lassen mit 2 Funden.Anscheinend war es das denn nun scheint es zu funzen. Soll ich es trotzdem mal schicken?


Alt 22.04.2015, 18:00   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Standard

Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.



weiß ich nicht, bin kein Hellseher, hab bis jetzt noch kein einziges Log gesehen
__________________
--> Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.

Antwort

Themen zu Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.
ccsetup, dankbar, defogger, drücke, gmer, herunter, hilfe, hintergrund, hoffe, kurze, launch, mauszeiger, newtab, reaktivieren, safer networking, sanduhr, spiele, spring, springt, taskleiste, unmöglich, win, windows, wörter



Ähnliche Themen: Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich.


  1. Windows 10: Virusprogramm macht es mir beinahen unmöglich etwas anzuclicken. Offline kein Problem
    Log-Analyse und Auswertung - 30.09.2015 (21)
  2. Win7 64bit SP1 IE11 startet immer mit delta-homes
    Plagegeister aller Art und deren Bekämpfung - 17.07.2015 (35)
  3. [Win7.64bit] svchost.exe (netscvs) braucht mehr als 1GB Ram - Rechner dadurch langsam
    Log-Analyse und Auswertung - 20.05.2015 (28)
  4. Win7 Ultimtate 64bit; nach Bundespolizei-Virus; kein Rechtsklick; nichts installierbar; Speicher auf Festplatte immer voll
    Plagegeister aller Art und deren Bekämpfung - 17.02.2015 (21)
  5. Win7-64Bit - Browser, Netzwerkeinstellungen, Proxy wird immer automatisch aktiviert 127.0.0.1:49273
    Log-Analyse und Auswertung - 21.09.2014 (12)
  6. Win7 64bit Festplatte "rödelt" oft im Hintergrund während des Surfens! Virus? Malware?
    Plagegeister aller Art und deren Bekämpfung - 04.04.2014 (5)
  7. Booten Unmöglich win7
    Alles rund um Windows - 14.02.2014 (8)
  8. Schreiben im Internet unmöglich
    Log-Analyse und Auswertung - 31.01.2014 (24)
  9. BKA-Meldung blockierte Browser (IE 11)-jetzt alles wie immer,wurde etwas im Hintergrund installiert?
    Log-Analyse und Auswertung - 24.01.2014 (12)
  10. Ständig wird etwas im Hintergrund geladen
    Plagegeister aller Art und deren Bekämpfung - 23.03.2013 (13)
  11. PC langsam und im Hintergrund ist immer etwas am laufen
    Plagegeister aller Art und deren Bekämpfung - 11.03.2013 (16)
  12. 1 CPU Kern immer zu ~80% ausgelastet aber kein Programm im Taskmanager sichtbar, win7, 64bit
    Plagegeister aller Art und deren Bekämpfung - 09.11.2011 (1)
  13. iexplore.exe startet im hintergrund und etwas sendet an 64.120.141.163
    Log-Analyse und Auswertung - 02.10.2011 (7)
  14. svchost.exe hat extrem hohe cpu auslastung (100%) und macht mein Rechner dadurch unbrauchbar ...
    Plagegeister aller Art und deren Bekämpfung - 12.08.2011 (1)
  15. Hilfe !!! Mein Laptop 64bit, Google Chrom, Windows 7 wird immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 24.02.2011 (1)
  16. Ist mein PC dadurch gefährdet?
    Plagegeister aller Art und deren Bekämpfung - 22.09.2009 (22)
  17. Batch datei schreiben brauche noch etwas hilfe
    Alles rund um Windows - 20.06.2009 (27)

Zum Thema Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. - Hallo, hoffe jemand kann mir helfen .Mein Windows läd immer für kurze Zeit etwas im Hintergrund(Sanduhr).Dadurch kann ich nix anständig schreiben.Aus 3 Wörtern werden 1 unleserliches und das nervt.Mein Mauszeiger - Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich....
Archiv
Du betrachtest: Mein Win7/64bit läd immer etwas im Hintergrund ,schreiben ist dadurch unmöglich. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.