Log analysis and evaluation: Slow computer, keyboard and mouse respond with a delay

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Slow computer, keyboard and mouse respond with a delay

Hello, my old laptop (Dell with an IBM hard drive, Windows 7, protection: 360 Total Security) has been slow for a few days. What is especially annoying is that my input (mouse or keyboard) only becomes visible on screen about 5 seconds later. Following the instructions, I created:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-05-2015
Ran by w7 (administrator) on W7-PC on 21-05-2015 23:55:09
Running from C:\Users\w7\Desktop
Loaded Profiles: w7 (Available profiles: w7 & Administrator)
Platform: Microsoft Windows 7 Ultimate (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TomTom) C:\Program Files\MyDrive Connect\MyDriveConnect.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
(Qihu Software Co. Limited) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
(Microsoft Corporation) C:\Program Files\Office2k\OFFICE11\WINWORD.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1725736 2010-04-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [1264248 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {055d0901-6115-11e3-9cd0-00123fedf47b} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {055d0903-6115-11e3-9cd0-00123fedf47b} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {4b315542-70c7-11df-9d4b-00054e4ed161} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {4b315549-70c7-11df-9d4b-00054e4ed161} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {79d78ce0-9a00-11e3-887b-00123fedf47b} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {ab2559e0-8e51-11e3-90ad-00123fedf47b} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {d1df3a90-382b-11e0-94b3-00054e4ed161} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {d61d962c-a305-11df-96de-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {ee6d188e-7181-11e3-926a-00123fedf47b} - E:\AutoRun.exe
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\...\MountPoints2: {ee6d1890-7181-11e3-926a-00123fedf47b} - E:\AutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} hxxp://kitchenplanner.ikea.com/AT/Core/Player/2020PlayerAX_Win32.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1291470965134
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-07] ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2013-12-10] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2009-04-04] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\searchplugins\avira-safesearch.xml [2015-02-27]
FF Extension: 20-20 3D Viewer - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\2020Player@2020Technologies.com [2010-09-15]
FF Extension: Avira Browser Safety - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\abs@avira.com [2015-04-28]
FF Extension: Avira SafeSearch - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\safesearch@avira.com [2015-04-28]
FF Extension: Bitdefender QuickScan - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-07-17]
FF Extension: Go Parent Folder - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\goParentFolder@alice.xpi [2014-12-01]
FF Extension: Show Parent Folder - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\showParentFolder@alice.xpi [2014-12-01]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\w7\AppData\Roaming\Mozilla\Firefox\Profiles\m623rhua.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-09-24]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-22]
FF HKLM\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files\360\Total Security\safemon\webprotection_firefox [2014-11-11]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [839792 2015-05-18] (QIHU 360 SOFTWARE CO. LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680448 2009-04-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [88136 2014-11-07] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [65608 2015-05-18] (360.cn)
S3 360Box; C:\Windows\System32\DRIVERS\360Box.sys [202312 2015-05-18] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera.sys [34888 2014-11-07] (360.cn)
S1 360SelfProtection; C:\Windows\System32\drivers\360SelfProtection.sys [174536 2014-11-07] (360安全中心)
S3 amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [77904 2009-04-22] (AMD)
R0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [23120 2009-04-22] (AMD)
S3 AR5211; C:\Windows\System32\DRIVERS\ar5211.sys [470208 2005-12-29] (Atheros Communications, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV.sys [169040 2015-03-09] (Qihu 360 Software Co., Ltd.)
R1 EfiMon; C:\Windows\System32\Drivers\Efimon.sys [23752 2014-11-07] (360安全中心)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [9728 2003-11-29] (Elaborate Bytes AG) [File not signed]
R3 ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [3968 2004-02-12] (Elaborate Bytes AG) [File not signed]
R0 ElbyVCD; C:\Windows\System32\DRIVERS\ElbyVCD.sys [22528 2004-02-12] (Elaborate Bytes AG) [File not signed]
S0 HookPort; C:\Windows\System32\Drivers\Hookport.sys [58440 2015-03-09] (360安全中心)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKsl6feaab75; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6DCF08ED-1B2F-4928-995C-66264E3E1B51}\MpKsl6feaab75.sys [39464 2015-05-21] (Microsoft Corporation)
R1 qutmdserv; C:\Windows\System32\DRIVERS\qutmdrv.sys [257352 2014-11-07] (360.cn)
S1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [45896 2014-11-07] (360.cn)
R3 STAC97; C:\Windows\System32\drivers\STAC97.sys [273168 2005-03-10] (SigmaTel, Inc.)
R3 VSTHWICH; C:\Windows\System32\DRIVERS\VSTICH3.SYS [242176 2009-04-22] (Conexant Systems, Inc.)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-04-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 23:55 - 2015-05-21 23:55 - 00012679 _____ () C:\Users\w7\Desktop\FRST.txt
2015-05-21 23:50 - 2015-05-21 23:50 - 00000466 _____ () C:\Users\w7\Desktop\defogger_disable.log
2015-05-21 23:50 - 2015-05-21 23:50 - 00000000 _____ () C:\Users\w7\defogger_reenable
2015-05-21 23:49 - 2015-05-21 23:49 - 00050477 _____ () C:\Users\w7\Desktop\Defogger.exe
2015-05-21 23:28 - 2015-05-21 23:55 - 00000000 ____D () C:\FRST
2015-05-21 23:27 - 2015-05-21 23:27 - 01147392 _____ (Farbar) C:\Users\w7\Desktop\FRST.exe
2015-05-21 22:45 - 2015-05-21 22:45 - 00000000 ____D () C:\Program Files\Common Files\AV
2015-05-21 22:33 - 2015-05-21 22:33 - 00080080 _____ () C:\Users\w7\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-21 22:31 - 2015-05-21 22:31 - 00358488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-21 21:55 - 2015-05-21 21:55 - 02347384 _____ (ESET) C:\Users\w7\Desktop\esetsmartinstaller_deu.exe
2015-05-21 20:35 - 2015-05-21 20:35 - 01187496 _____ (Uniblue Systems Limited ) C:\Users\w7\Desktop\pcmechanicpm.exe
2015-05-17 08:10 - 2015-05-17 08:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-04 18:13 - 2015-05-04 18:13 - 21258466 _____ () C:\Users\w7\Desktop\Garage-Sockel-links.tif
2015-05-04 18:12 - 2015-05-04 18:12 - 21252322 _____ () C:\Users\w7\Desktop\Garagentor.tif
2015-05-03 08:01 - 2015-05-03 08:01 - 00000000 ____D () C:\84bc2ca00468d711748d3b0f9e
2015-04-26 21:21 - 2015-04-26 21:21 - 00000000 _____ () C:\Windows\setuperr.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 23:50 - 2009-08-15 20:34 - 00000000 ____D () C:\Users\w7
2015-05-21 23:38 - 2009-04-22 10:08 - 00028144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 23:38 - 2009-04-22 10:08 - 00028144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 22:45 - 2015-04-10 18:00 - 00001111 _____ () C:\Users\Public\Desktop\360 Total Security.lnk
2015-05-21 22:45 - 2014-11-11 22:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-05-21 22:38 - 2014-11-12 00:10 - 00000000 __SHD () C:\ProgramData\360Quarant
2015-05-21 22:38 - 2014-11-12 00:10 - 00000000 __SHD () C:\$360Section
2015-05-21 22:36 - 2009-08-15 12:37 - 02078444 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 22:33 - 2009-04-22 10:27 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 22:32 - 2015-02-09 10:16 - 00008904 _____ () C:\Windows\setupact.log
2015-05-21 22:31 - 2015-02-09 10:14 - 00021636 _____ () C:\Windows\PFRO.log
2015-05-21 22:29 - 2013-11-23 14:14 - 00000000 ____D () C:\AdwCleaner
2015-05-21 21:52 - 2015-04-10 18:01 - 00000000 ____D () C:\ProgramData\360TotalSecurity
2015-05-21 18:10 - 2014-11-11 22:33 - 00000000 ____D () C:\ProgramData\360safe
2015-05-18 12:20 - 2014-11-11 22:34 - 00065608 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-05-18 12:20 - 2014-11-11 22:32 - 00202312 _____ (360.cn) C:\Windows\system32\Drivers\360Box.sys
2015-05-17 22:20 - 2012-09-24 14:22 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2014-10-11 09:13 - 2014-10-11 09:03 - 4714656 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\avira_de_av_41834845_cpmtce9iomm1crdat73b_wd.exe
2014-10-11 09:13 - 2014-10-11 08:53 - 4714656 _____ (Avira Operations GmbH & Co. KG) C:\Program Files\avira_de_av___ws.exe
2013-06-26 20:04 - 2013-11-10 23:03 - 0003725 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-11-21 13:52 - 2013-11-21 15:18 - 0000004 _____ () C:\Users\w7\AppData\Roaming\Other.ico
2013-11-19 13:12 - 2013-11-22 15:59 - 0099147 _____ () C:\Users\w7\AppData\Local\ars.cache
2013-11-19 13:13 - 2013-11-22 15:59 - 0255589 _____ () C:\Users\w7\AppData\Local\census.cache
2013-11-19 12:29 - 2013-11-19 12:29 - 0000036 _____ () C:\Users\w7\AppData\Local\housecall.guid.cache
2012-09-24 23:59 - 2013-11-13 10:25 - 0007605 _____ () C:\Users\w7\AppData\Local\resmon.resmoncfg
2013-06-17 12:49 - 2013-06-17 12:51 - 0000352 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\w7\360TS_Setup.exe
C:\Users\w7\AdbeRdr933_de_DE.exe
C:\Users\w7\jxpiinstall.exe

Some files in TEMP:
====================
C:\Users\w7\AppData\Local\Temp\Quarantine.exe
C:\Users\w7\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-26 01:15

==================== End of log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-05-2015
Ran by w7 at 2015-05-21 23:55:58
Running from C:\Users\w7\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3062942232-3235879386-1935734408-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-3062942232-3235879386-1935734408-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3062942232-3235879386-1935734408-1001 - Limited - Enabled)
w7 (S-1-5-21-3062942232-3235879386-1935734408-1002 - Administrator - Enabled) => C:\Users\w7

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM\...\360TotalSecurity) (Version: 6.6.1.1024 - 360 Security Center)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 42xx - SigmaTel)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connect (HKLM\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 38.0.1 (x86 de) (HKLM\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyDriveConnect 3.3.0.1342 (HKLM\...\MyDriveConnect) (Version: 3.3.0.1342 - TomTom)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.43 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - )
TomTom HOME (HKLM\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

21-05-2015 20:37:18 Uniblue PC Mechanic installation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-04-22 07:57 - 2013-12-10 00:41 - 00000957 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CEEB8E1-873D-4C99-B514-49D5DBBAE46F} - \Microsoft\Windows\NetTrace\GatherNetworkInfo No Task File <==== ATTENTION
Task: {E9099E84-84A6-496E-A477-D12B98AE2FDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-07] (Adobe Systems Incorporated)
Task: {F7F9B6E2-E0C1-4548-9EE6-E7C0E358A837} - System32\Tasks\{A60FA2E0-134B-4182-AA2D-9B9F8DB5F48F} => pcalua.exe -a "C:\Program Files\Firefox\uninstall\helper.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (Whitelisted) ==============

2014-11-11 22:32 - 2015-05-18 12:20 - 00426608 _____ () C:\Program Files\360\Total Security\MenuEx.dll
2013-11-29 11:29 - 2013-11-29 11:29 - 00026520 _____ () C:\Program Files\MyDrive Connect\DeviceDetection.dll
2013-11-29 11:28 - 2013-11-29 11:28 - 00082840 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterBase.dll
2013-11-29 11:28 - 2013-11-29 11:28 - 00344984 _____ () C:\Program Files\MyDrive Connect\TomTomSupporterProxy.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3062942232-3235879386-1935734408-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{60A07316-1A8F-4B3C-8310-8671A9FB7A47}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{1D0276B9-28EA-4B45-8F27-3E2C2F8B4AA4}] => (Allow) C:\Program Files\AVG\AVG10\avgdiagex.exe
FirewallRules: [{7AB283EC-4359-47B2-894D-E7117806DFFC}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{07E2FCBC-9EFB-4C1D-8D43-FFD987B4A4E1}] => (Allow) C:\Program Files\AVG\AVG10\avgnsx.exe
FirewallRules: [{AF1E36FE-CBEC-4C19-A946-DECDE2D5DA72}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{5704526F-251F-4217-838F-2C115ABEC786}] => (Allow) C:\Program Files\AVG\AVG10\avgmfapx.exe
FirewallRules: [{901E69F2-C983-453C-B68F-94B1EF9DFB3B}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{E727E364-071A-4CB4-AC1D-B3B5C29DFE3B}] => (Allow) C:\Program Files\AVG\AVG10\avgemcx.exe
FirewallRules: [{BB4EAEBD-1967-47A9-BD0C-6F3161582EB6}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{EE5F3F34-8ACD-484E-9A02-95396C423146}] => (Allow) C:\Program Files\AVG\AVG2012\avgmfapx.exe
FirewallRules: [{CF4FF1CE-E599-4B44-971F-ABE2C948551A}] => (Allow) C:\Users\w7\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{A6B57B8C-F68A-46D1-8D6F-FFCEE526C922}] => (Allow) C:\Users\w7\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1F78329D-7EF9-4B2B-8A65-3B9794BDCA28}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{42A05C3E-C7B3-4F7E-B9E6-587703C7C0C4}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{6BD3E505-AFF3-4661-9CC4-0CA61E8DB271}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0DED27D8-FA8A-4698-85A5-4DECCEE7CECE}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{2B85DA0D-5398-4083-94E8-53682DA015EC}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{C88C74BC-3383-4911-8D0B-C8806BD1157C}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{9C7C747D-9406-42A0-A031-026595CEDE32}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{FAED6547-0F2B-4B01-9C9B-30FBCD6D8DDA}] => (Allow) C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
FirewallRules: [{55AE9443-78B2-4495-9899-16BB81A99D48}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe
FirewallRules: [{D1588230-6760-4ABB-B78D-A55078E91323}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe
FirewallRules: [{7B764421-302E-4802-A86E-0112941D0E8B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9F435F49-193E-48CE-BA23-7197866763A4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{73F252FF-2614-4CF6-9D90-E67F9A70DC67}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CC2F5724-1D44-4C7C-A67A-F8058E8A15F2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{C84F0863-D065-4048-8D5D-5A548E0D5F16}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{40AD7DF4-5D05-426F-B4FC-465D95ED3FD1}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe

==================== Faulty Device Manager Devices =============

Name: Videocontroller
Description: Videocontroller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/21/2015 10:29:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.1.5611, Zeitstempel: 0x55541a90
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.1.5611, Zeitstempel: 0x55540a1e
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0xb04
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (05/21/2015 09:55:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7100.0, Zeitstempel: 0x49ee918d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7100.0, Zeitstempel: 0x49eea66e
Ausnahmecode: 0xc0000024
Fehleroffset: 0x00080eb6
ID des fehlerhaften Prozesses: 0xdb8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (05/21/2015 08:37:16 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {5e88fd51-575c-4585-93fc-d7d619ec6031}

Error: (05/21/2015 08:30:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 6.1.7100.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a50
Startzeit: 01d093f41fae1f9e
Endzeit: 152
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: 6c15b4e9-ffe7-11e4-990a-00123fedf47b

Error: (05/21/2015 02:18:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/18/2015 10:40:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/15/2015 11:28:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/14/2015 08:04:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/12/2015 07:30:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/11/2015 11:19:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 11.0.8350.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 458
Startzeit: 01d08ba655f8c5ff
Endzeit: 531
Anwendungspfad: C:\Programme\Office2k\OFFICE11\WINWORD.EXE
Berichts-ID:

System errors:
=============
Error: (05/21/2015 11:52:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "qutmipc" wurde aufgrund folgenden Fehlers nicht gestartet: %%31

Error: (05/21/2015 10:47:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "qutmipc" wurde aufgrund folgenden Fehlers nicht gestartet: %%31

Error: (05/21/2015 10:46:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "qutmipc" wurde aufgrund folgenden Fehlers nicht gestartet: %%31

Error: (05/21/2015 10:45:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HookPort" wurde aufgrund folgenden Fehlers nicht gestartet: %%50

Error: (05/21/2015 10:33:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
360SelfProtection
BTHidMgr
HookPort
qutmipc

Error: (05/21/2015 10:29:37 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (05/21/2015 10:29:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2015 10:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/21/2015 10:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2015 10:28:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office:
=========================
Error: (05/21/2015 10:29:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe38.0.1.561155541a90mozalloc.dll38.0.1.561155540a1e8000000300001aa1b0401d093fb59a9d505C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll03792e35-fff8-11e4-990a-00123fedf47b

Error: (05/21/2015 09:55:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7100.049ee918dntdll.dll6.1.7100.049eea66ec000002400080eb6db801d093f434210ceaC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll514262a5-fff3-11e4-990a-00123fedf47b

Error: (05/21/2015 08:37:16 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang: Generatordaten werden gesammelt
Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {5e88fd51-575c-4585-93fc-d7d619ec6031}

Error: (05/21/2015 08:30:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: explorer.exe6.1.7100.0a5001d093f41fae1f9e152C:\Windows\explorer.exe6c15b4e9-ffe7-11e4-990a-00123fedf47b

Error: (05/21/2015 02:18:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\360\total security\CleanPlus64.exe

Error: (05/18/2015 10:40:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\360\total security\CleanPlus64.exe

Error: (05/15/2015 11:28:34 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\360\total security\CleanPlus64.exe

Error: (05/14/2015 08:04:46 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\360\total security\CleanPlus64.exe

Error: (05/12/2015 07:30:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\360\total security\CleanPlus64.exe

Error: (05/11/2015 11:19:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WINWORD.EXE11.0.8350.045801d08ba655f8c5ff531C:\Programme\Office2k\OFFICE11\WINWORD.EXE

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) M processor 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 1015.43 MB
Available physical RAM: 163.19 MB
Total Pagefile: 2039.43 MB
Available Pagefile: 1127.62 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.43 GB) (Free:41.27 GB) NTFS
Drive i: (NORBERT) (Removable) (Total:0.48 GB)
(Free:0.13 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 8C5B4B86)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=74.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 489.2 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=489 MB) - (Type=01)

==================== End of log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-22 07:42:33
Windows 6.1.7100 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 FUJITSU_MHT2080AH rev.846C 74,53GB
Running: Gmer-19357.exe; Driver: C:\Users\w7\AppData\Local\Temp\pxldqpoc.sys

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13B1 82E7B549 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82E9B6B2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- Devices - GMER 2.1 ----

AttachedDevice \FileSystem\Ntfs \Ntfs qutmdrv.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
AttachedDevice \FileSystem\fastfat \Fat qutmdrv.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0011679feeb6
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0011679feeb6 (not active ControlSet)

---- EOF - GMER 2.1 ----

norxi