Philipp666 | 23.07.2013 11:04 | Hello Schrauber,
Fine. Both USB sticks are connected to the computer as described.
Here we go: first the FRST.text
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-07-2013 01
Ran by Philipp (administrator) on 23-07-2013 11:59:36
Running from C:\Users\Philipp\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
() C:\Program Files (x86)\VPN-Client\dtpd.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\VPN-Client\iked.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\VPN-Client\ipsecd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(McAfee, Inc.) C:\PROGRA~1\McAfee\MSC\McAPExe.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(C Technologies) C:\Program Files (x86)\C-Pen Core\CPenCoreApp.EXE
(Qualcomm Atheros) c:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(CyberLink) C:\Program Files (x86)\CD-Laufwerk\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(BitLeader) C:\Program Files (x86)\CD-Laufwerk\fwupdate.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PMMUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-01-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-07-31] ()
HKCU\...\Run: [CPenCore] - C:\Program Files (x86)\C-Pen Core\CPenCoreApp.exe [2528848 2012-03-15] (C Technologies)
HKLM-x32\...\Run: [BakupManagerTray] - "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - "C:\Program Files (x86)\CD-Laufwerk\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CD-Laufwerk\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - "C:\Program Files (x86)\CD-Laufwerk\Power2Go\CLMLSvc.exe" [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - "C:\Program Files (x86)\CD-Laufwerk\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CD-Laufwerk\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] - "C:\Program Files (x86)\CD-Laufwerk\lgfw.exe" blrun [27760 2013-01-07] (Bitleader)
HKLM-x32\...\Run: [UpdatePSTShortCut] - "C:\Program Files (x86)\CD-Laufwerk\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CD-Laufwerk\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-07-20] (Acer Incorporated)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r [1845392 2012-07-20] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {FE9F5C67-FE4E-4AD2-BF18-19D2B8E9697B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {FE9F5C67-FE4E-4AD2-BF18-19D2B8E9697B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {FE9F5C67-FE4E-4AD2-BF18-19D2B8E9697B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {FE9F5C67-FE4E-4AD2-BF18-19D2B8E9697B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {FE9F5C67-FE4E-4AD2-BF18-19D2B8E9697B} URL =
SearchScopes: HKCU - {FE9F5C67-FE4E-4AD2-BF18-19D2B8E9697B} URL =
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: msdaipp - No CLSID Value -
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: msdaipp - No CLSID Value -
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CA241F15-231B-48F3-90EC-098E887DCCCB}: [NameServer]139.18.25.3,139.18.1.2
FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\44ek7g7l.default
FF Homepage: hxxp://webmail.t-online.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Bitdefender QuickScan - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\44ek7g7l.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: searchdictcc - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\44ek7g7l.default\Extensions\searchdictcc@roughael.xpi
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-01-07] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-07-31] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R2 dtpd; C:\Program Files (x86)\VPN-Client\dtpd.exe [56592 2010-10-08] ()
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92560 2013-01-29] (ELAN Microelectronics Corp.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 iked; C:\Program Files (x86)\VPN-Client\iked.exe [957712 2010-10-08] ()
R2 ipsecd; C:\Program Files (x86)\VPN-Client\ipsecd.exe [697616 2010-10-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [120592 2013-05-22] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-06-15] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-02-28] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-04-03] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-04-03] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-28] (Dritek System INC.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-07-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-04-03] (McAfee, Inc.)
S3 CPen; C:\Windows\System32\Drivers\CPen.sys [21184 2010-04-08] ()
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-04-22] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-04-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309968 2013-04-03] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69240 2013-04-03] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [516608 2013-04-03] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [772944 2013-04-03] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [337120 2013-02-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95856 2013-02-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [342416 2013-04-03] (McAfee, Inc.)
U4 Ncpiddost;
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-28] (Dritek System Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-23 11:59 - 2013-07-23 11:59 - 00000000 ____D C:\FRST
2013-07-23 11:58 - 2013-07-23 11:58 - 01779447 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-07-23 11:57 - 2013-07-23 11:58 - 01779447 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2013-07-23 11:00 - 2013-07-23 11:00 - 00022262 _____ C:\Users\Philipp\Desktop\combofix.txt
2013-07-23 11:00 - 2013-07-23 11:00 - 00022262 _____ C:\ComboFix.txt
2013-07-23 10:44 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-23 10:44 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-23 10:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-23 10:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-23 10:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-23 10:44 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-07-23 10:44 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-23 10:44 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-23 10:44 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-23 10:40 - 2013-07-23 11:00 - 00000000 ____D C:\Qoobox
2013-07-23 10:40 - 2013-07-23 10:57 - 00000000 ____D C:\Windows\erdnt
2013-07-23 10:39 - 2013-07-23 10:39 - 05091940 ____R (Swearware) C:\Users\Philipp\Downloads\ComboFix.exe
2013-07-23 10:13 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-07-23 10:03 - 2013-07-23 10:04 - 21728904 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\Windows-KB890830-x64-V5.2.exe
2013-07-23 10:02 - 2013-07-23 11:21 - 00221634 _____ C:\Windows\WindowsUpdate.log
2013-07-22 23:24 - 2013-07-22 23:24 - 00000247 _____ C:\Users\Philipp\Desktop\Wie kann ich Facebook.vbs entfernen - Trojaner-Board.URL
2013-07-22 18:36 - 2013-07-23 11:11 - 00001848 _____ C:\Users\Public\Desktop\McAfee Total Protection.lnk
2013-07-22 18:36 - 2013-07-23 11:08 - 00000000 __RSD C:\Users\Philipp\Documents\McAfee-Tresore
2013-07-22 18:36 - 2013-07-22 18:36 - 00000000 ____D C:\Users\Philipp\AppData\Local\McAfee File Lock
2013-07-22 18:36 - 2013-04-22 15:46 - 00074560 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
2013-07-22 18:36 - 2012-05-28 10:28 - 00197264 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-07-22 18:35 - 2013-07-22 18:35 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2013-07-22 18:34 - 2013-07-23 09:40 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-22 18:34 - 2013-07-22 18:37 - 00000000 ____D C:\Program Files\McAfee
2013-07-22 18:34 - 2013-07-22 18:34 - 00000000 ____D C:\Program Files\McAfee.com
2013-07-22 18:27 - 2013-07-23 11:06 - 00004778 _____ C:\Windows\PFRO.log
2013-07-22 18:15 - 2013-07-22 18:15 - 05104520 _____ (McAfee, Inc.) C:\Users\Philipp\Downloads\McAfeeSetup.exe
2013-07-22 18:12 - 2013-07-22 18:12 - 05282797 _____ C:\Users\Philipp\Downloads\wetransfer-8c3f77.zip
2013-07-22 18:00 - 2013-07-22 18:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Malwarebytes
2013-07-22 17:59 - 2013-07-22 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-22 17:58 - 2013-07-22 17:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-22 17:55 - 2013-07-22 17:55 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-07-22 17:53 - 2013-07-22 17:53 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\QuickScan
2013-07-22 17:24 - 2013-07-22 17:24 - 00001390 _____ C:\Users\Philipp\Desktop\abschlussstipendien.txt
2013-07-22 09:11 - 2013-07-22 09:18 - 70875090 _____ C:\Users\Philipp\Downloads\Mission-of-Burma---The-Horrible-Truth-Abo.rar
2013-07-22 09:07 - 2013-07-22 09:08 - 97629783 _____ C:\Users\Philipp\Downloads\Mission-of-Burma---VS.rar
2013-07-22 09:06 - 2013-07-22 09:07 - 96949938 _____ C:\Users\Philipp\Downloads\MIssion-of-Burma---ONoffON.rar
2013-07-19 08:44 - 2013-07-19 08:44 - 00370016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 08:02 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-19 08:02 - 2013-04-24 01:12 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-19 08:02 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-19 08:02 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-19 08:02 - 2013-04-24 00:55 - 01889280 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-19 08:02 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-19 08:02 - 2013-04-24 00:55 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-19 08:02 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-19 08:02 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-19 08:01 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-19 08:01 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-19 08:00 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-07-19 08:00 - 2013-05-04 09:34 - 00446720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-07-19 08:00 - 2013-05-04 09:34 - 00284416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-07-19 08:00 - 2013-05-04 09:30 - 00058312 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-07-19 08:00 - 2013-05-04 08:59 - 13644288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 01619968 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-07-19 08:00 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-07-19 08:00 - 2013-05-04 08:59 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 00251904 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-07-19 08:00 - 2013-05-04 08:59 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-07-19 08:00 - 2013-05-04 08:58 - 10116096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-07-19 08:00 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 02305024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-07-19 08:00 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-07-19 08:00 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-07-19 08:00 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-07-19 08:00 - 2013-05-04 06:58 - 00621056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-07-19 08:00 - 2013-05-04 06:58 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-07-19 08:00 - 2013-05-04 06:58 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-07-19 08:00 - 2013-05-04 06:58 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-07-19 08:00 - 2013-05-04 06:57 - 10788864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 08857088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-07-19 08:00 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-07-19 08:00 - 2013-05-04 06:56 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-19 08:00 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-07-19 08:00 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-07-19 08:00 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-07-19 08:00 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-07-19 08:00 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-07-19 08:00 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-07-19 08:00 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-07-19 08:00 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-07-19 07:59 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-19 07:59 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-19 07:59 - 2013-06-01 11:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-19 07:59 - 2013-06-01 11:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-19 07:59 - 2013-05-31 01:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-19 07:59 - 2013-05-31 01:14 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-19 07:59 - 2013-05-31 01:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-19 07:59 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-07-19 07:59 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-07-19 07:59 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-07-19 07:59 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-07-19 07:58 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-19 07:58 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-19 07:58 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-19 07:58 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-19 07:58 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-19 07:58 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-19 07:58 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-19 07:58 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-19 07:58 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-19 07:58 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-19 07:58 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-19 07:58 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-19 07:58 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-19 07:58 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-19 07:58 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-19 07:58 - 2013-06-01 13:54 - 00194816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-07-19 07:58 - 2013-06-01 13:54 - 00125184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-07-19 07:58 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-07-19 07:58 - 2013-06-01 13:33 - 02233600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-19 07:58 - 2013-06-01 13:29 - 00337152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-07-19 07:58 - 2013-06-01 13:29 - 00213248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-07-19 07:58 - 2013-06-01 13:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-19 07:58 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-07-19 07:58 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-07-19 07:58 - 2013-06-01 11:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-19 07:58 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-07-19 07:58 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-07-19 07:58 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-07-19 07:58 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-07-19 07:58 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-07-19 07:58 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-19 07:58 - 2013-06-01 11:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-19 07:58 - 2013-06-01 11:22 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-19 07:58 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-07-19 07:58 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-07-19 07:58 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-07-19 07:58 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-07-19 07:58 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-07-19 07:58 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-07-19 07:58 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-07-19 07:58 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-07-19 07:58 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-07-19 07:58 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-07-19 07:58 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-07-19 07:58 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-07-19 07:58 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-07-19 07:58 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-07-19 07:58 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-07-19 07:58 - 2013-05-24 01:01 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-07-19 07:58 - 2013-05-24 00:27 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-07-19 07:58 - 2013-05-20 02:08 - 00386642 _____ C:\Windows\system32\ApnDatabase.xml
2013-07-19 07:58 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-07-19 07:58 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-07-19 07:58 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-19 07:58 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-19 07:58 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-07-19 07:54 - 2013-05-16 00:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-07-19 07:54 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-19 07:54 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-19 07:47 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-16 08:45 - 2013-07-16 08:45 - 00000212 _____ C:\Users\Philipp\Desktop\Storyboard Galore Gelabb 3.0 & more, as long my old blog is down ….URL
2013-07-13 00:17 - 2013-07-13 00:17 - 00013860 _____ C:\Users\Philipp\Downloads\beitrag_kck_trauerfeier.odt
2013-07-12 15:22 - 2013-07-12 15:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-07-12 15:22 - 2013-07-12 15:22 - 00000000 ____D C:\Users\Philipp\AppData\Local\Cyberlink
2013-07-08 18:29 - 2013-07-08 18:29 - 00000234 _____ C:\Users\Philipp\Desktop\ZiF-Arbeitsgemeinschaften.URL
2013-07-08 07:14 - 2013-07-08 07:14 - 01385472 _____ C:\Users\Philipp\Downloads\Werthmann Bergbau_15-07-13.ppt
2013-07-07 11:20 - 2013-07-07 11:20 - 00014309 _____ C:\Users\Philipp\Downloads\dt-poln_Workshop.xlsx
2013-07-05 13:42 - 2013-07-05 13:42 - 00010429 _____ C:\Users\Philipp\Downloads\potentielle GenossenschaftlerInnen(2).xlsx
2013-07-05 08:50 - 2013-07-05 08:50 - 00000226 _____ C:\Users\Philipp\Desktop\Einspruch! - Rio Reiser diskutiert mit Störkraft - 1992 komplett - YouTube.URL
2013-07-02 21:49 - 2013-07-02 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-02 12:59 - 2013-07-02 13:00 - 00015172 _____ C:\Users\Philipp\Downloads\60.Papa.Adressen-n.xlsx
2013-07-01 16:55 - 2013-07-01 16:55 - 00009607 _____ C:\Users\Philipp\Downloads\Spendenliste.xlsx
2013-07-01 07:54 - 2013-07-01 07:54 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 07:54 - 2013-07-01 07:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-01 07:54 - 2013-07-01 07:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-01 07:54 - 2013-07-01 07:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-01 07:54 - 2013-07-01 07:54 - 00000000 ____D C:\Program Files (x86)\Java
==================== One Month Modified Files and Folders =======
2013-07-23 11:59 - 2013-07-23 11:59 - 00000000 ____D C:\FRST
2013-07-23 11:58 - 2013-07-23 11:58 - 01779447 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2013-07-23 11:58 - 2013-07-23 11:57 - 01779447 _____ (Farbar) C:\Users\Philipp\Downloads\FRST64.exe
2013-07-23 11:37 - 2013-01-07 16:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-23 11:24 - 2012-08-28 14:15 - 00768750 _____ C:\Windows\system32\perfh007.dat
2013-07-23 11:24 - 2012-08-28 14:15 - 00160382 _____ C:\Windows\system32\perfc007.dat
2013-07-23 11:24 - 2012-07-26 09:28 - 01765948 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-23 11:21 - 2013-07-23 10:02 - 00221634 _____ C:\Windows\WindowsUpdate.log
2013-07-23 11:11 - 2013-07-22 18:36 - 00001848 _____ C:\Users\Public\Desktop\McAfee Total Protection.lnk
2013-07-23 11:08 - 2013-07-22 18:36 - 00000000 __RSD C:\Users\Philipp\Documents\McAfee-Tresore
2013-07-23 11:07 - 2013-01-07 15:41 - 00000344 _____ C:\Windows\lgfwup.ini
2013-07-23 11:07 - 2013-01-07 15:33 - 00000000 ____D C:\Program Files (x86)\CD-Laufwerk
2013-07-23 11:06 - 2013-07-22 18:27 - 00004778 _____ C:\Windows\PFRO.log
2013-07-23 11:06 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 11:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-07-23 11:00 - 2013-07-23 11:00 - 00022262 _____ C:\Users\Philipp\Desktop\combofix.txt
2013-07-23 11:00 - 2013-07-23 11:00 - 00022262 _____ C:\ComboFix.txt
2013-07-23 11:00 - 2013-07-23 10:40 - 00000000 ____D C:\Qoobox
2013-07-23 10:57 - 2013-07-23 10:40 - 00000000 ____D C:\Windows\erdnt
2013-07-23 10:57 - 2012-12-25 04:54 - 00000000 ___RD C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-23 10:56 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2013-07-23 10:39 - 2013-07-23 10:39 - 05091940 ____R (Swearware) C:\Users\Philipp\Downloads\ComboFix.exe
2013-07-23 10:18 - 2012-07-26 02:40 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-07-23 10:18 - 2012-07-26 02:38 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-07-23 10:08 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-07-23 10:04 - 2013-07-23 10:03 - 21728904 _____ (Microsoft Corporation) C:\Users\Philipp\Downloads\Windows-KB890830-x64-V5.2.exe
2013-07-23 09:47 - 2012-08-09 15:01 - 00000000 ____D C:\ProgramData\McAfee
2013-07-23 09:40 - 2013-07-22 18:34 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-07-22 23:24 - 2013-07-22 23:24 - 00000247 _____ C:\Users\Philipp\Desktop\Wie kann ich Facebook.vbs entfernen - Trojaner-Board.URL
2013-07-22 18:41 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-07-22 18:39 - 2013-01-07 18:10 - 00000000 ____D C:\Users\Philipp\Desktop\Kopie
2013-07-22 18:37 - 2013-07-22 18:34 - 00000000 ____D C:\Program Files\McAfee
2013-07-22 18:36 - 2013-07-22 18:36 - 00000000 ____D C:\Users\Philipp\AppData\Local\McAfee File Lock
2013-07-22 18:36 - 2012-08-09 15:01 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-07-22 18:35 - 2013-07-22 18:35 - 00000000 ____D C:\Program Files (x86)\McAfee.com
2013-07-22 18:35 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-07-22 18:34 - 2013-07-22 18:34 - 00000000 ____D C:\Program Files\McAfee.com
2013-07-22 18:21 - 2013-01-07 23:00 - 00000000 ____D C:\Users\Philipp\The Sandbox Collective
2013-07-22 18:15 - 2013-07-22 18:15 - 05104520 _____ (McAfee, Inc.) C:\Users\Philipp\Downloads\McAfeeSetup.exe
2013-07-22 18:12 - 2013-07-22 18:12 - 05282797 _____ C:\Users\Philipp\Downloads\wetransfer-8c3f77.zip
2013-07-22 18:00 - 2013-07-22 18:00 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Malwarebytes
2013-07-22 17:59 - 2013-07-22 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-07-22 17:58 - 2013-07-22 17:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-1.75.0.1300.exe
2013-07-22 17:55 - 2013-07-22 17:55 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-07-22 17:53 - 2013-07-22 17:53 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\QuickScan
2013-07-22 17:27 - 2013-01-07 18:27 - 00000000 ____D C:\Users\Philipp\AppData\Local\CrashDumps
2013-07-22 17:24 - 2013-07-22 17:24 - 00001390 _____ C:\Users\Philipp\Desktop\abschlussstipendien.txt
2013-07-22 17:23 - 2013-04-30 18:25 - 00000000 ____D C:\Users\Philipp\Desktop\Route 60
2013-07-22 15:45 - 2012-12-25 07:15 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2936799037-1705027331-2200336274-1001
2013-07-22 09:18 - 2013-07-22 09:11 - 70875090 _____ C:\Users\Philipp\Downloads\Mission-of-Burma---The-Horrible-Truth-Abo.rar
2013-07-22 09:08 - 2013-07-22 09:07 - 97629783 _____ C:\Users\Philipp\Downloads\Mission-of-Burma---VS.rar
2013-07-22 09:07 - 2013-07-22 09:06 - 96949938 _____ C:\Users\Philipp\Downloads\MIssion-of-Burma---ONoffON.rar
2013-07-20 15:13 - 2013-01-07 22:33 - 00000000 ____D C:\Users\Philipp\Desktop\Lesen, Hören und Gucken
2013-07-20 10:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-07-19 12:03 - 2013-03-04 12:51 - 00000000 ____D C:\ProgramData\Syscon
2013-07-19 08:44 - 2013-07-19 08:44 - 00370016 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-19 08:42 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-07-19 08:38 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-19 08:37 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-07-19 08:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-07-19 08:37 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-07-19 08:37 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-07-19 08:37 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-07-19 08:37 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-07-19 08:37 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2013-07-18 11:45 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\NDF
2013-07-17 19:30 - 2013-02-06 23:19 - 00000563 _____ C:\Windows\sam8_d.INI
2013-07-17 19:30 - 2012-07-26 07:26 - 00000197 _____ C:\Windows\win.ini
2013-07-17 14:11 - 2013-01-07 17:17 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Swiss Academic Software
2013-07-17 14:11 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-07-17 11:15 - 2013-04-30 18:18 - 00000000 ____D C:\Users\Philipp\Desktop\Verschieben auf Externe
2013-07-16 08:45 - 2013-07-16 08:45 - 00000212 _____ C:\Users\Philipp\Desktop\Storyboard Galore Gelabb 3.0 & more, as long my old blog is down ….URL
2013-07-14 13:46 - 2013-01-07 22:33 - 00000000 ____D C:\Users\Philipp\Desktop\Dissertation
2013-07-14 13:44 - 2013-01-07 23:01 - 00000000 ____D C:\Users\Philipp\Fotos
2013-07-13 11:40 - 2013-01-08 12:44 - 00000000 ____D C:\Users\Philipp\AppData\Local\Adobe
2013-07-13 11:39 - 2013-01-07 16:24 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-13 00:17 - 2013-07-13 00:17 - 00013860 _____ C:\Users\Philipp\Downloads\beitrag_kck_trauerfeier.odt
2013-07-12 15:31 - 2013-01-07 16:03 - 00000000 ____D C:\ProgramData\Adobe
2013-07-12 15:31 - 2012-12-25 04:54 - 00000000 ____D C:\Users\Philipp\AppData\Roaming\Adobe
2013-07-12 15:22 - 2013-07-12 15:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-07-12 15:22 - 2013-07-12 15:22 - 00000000 ____D C:\Users\Philipp\AppData\Local\Cyberlink
2013-07-10 18:35 - 2013-03-24 20:52 - 00000000 ____D C:\Users\Philipp\Referententätigkeit
2013-07-08 18:29 - 2013-07-08 18:29 - 00000234 _____ C:\Users\Philipp\Desktop\ZiF-Arbeitsgemeinschaften.URL
2013-07-08 07:14 - 2013-07-08 07:14 - 01385472 _____ C:\Users\Philipp\Downloads\Werthmann Bergbau_15-07-13.ppt
2013-07-07 11:20 - 2013-07-07 11:20 - 00014309 _____ C:\Users\Philipp\Downloads\dt-poln_Workshop.xlsx
2013-07-05 15:53 - 2013-01-07 18:06 - 00091568 _____ C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 13:42 - 2013-07-05 13:42 - 00010429 _____ C:\Users\Philipp\Downloads\potentielle GenossenschaftlerInnen(2).xlsx
2013-07-05 08:50 - 2013-07-05 08:50 - 00000226 _____ C:\Users\Philipp\Desktop\Einspruch! - Rio Reiser diskutiert mit Störkraft - 1992 komplett - YouTube.URL
2013-07-04 08:39 - 2013-01-07 20:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-03 18:36 - 2013-01-07 16:21 - 00000000 ____D C:\Users\Philipp\bewerb
2013-07-03 18:34 - 2013-01-07 16:21 - 00000000 ____D C:\Users\Philipp\Blog
2013-07-02 21:49 - 2013-07-02 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-02 13:00 - 2013-07-02 12:59 - 00015172 _____ C:\Users\Philipp\Downloads\60.Papa.Adressen-n.xlsx
2013-07-01 22:45 - 2013-01-07 18:11 - 00000996 _____ C:\Users\Philipp\Desktop\Musikziehen.txt
2013-07-01 16:55 - 2013-07-01 16:55 - 00009607 _____ C:\Users\Philipp\Downloads\Spendenliste.xlsx
2013-07-01 07:54 - 2013-07-01 07:54 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-07-01 07:54 - 2013-07-01 07:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-07-01 07:54 - 2013-07-01 07:54 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-07-01 07:54 - 2013-07-01 07:54 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-01 07:54 - 2013-07-01 07:54 - 00000000 ____D C:\Program Files (x86)\Java
2013-07-01 07:54 - 2013-05-17 14:01 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-07-01 07:54 - 2013-05-17 14:01 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-28 00:04 - 2013-01-14 20:26 - 00693112 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 00:04 - 2013-01-14 20:26 - 00078200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-24 00:57 - 2012-12-25 07:42 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2013-07-19 07:58] - [2013-06-01 13:34] - 2391280 ____A (Microsoft Corporation) 0E8E6463F81C80AFBED533E0F1F8895D
C:\Windows\SysWOW64\explorer.exe
[2013-07-19 07:58] - [2013-06-01 12:24] - 2106176 ____A (Microsoft Corporation) EAFE46B0292D2BD2467835E2ACF717CC
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2013-07-19 07:58] - [2013-06-01 13:26] - 0327936 ____A (Microsoft Corporation) 78A5BBA3819FFFC62FFEC3E2220D102D
LastRegBack: 2013-07-21 20:12
==================== End Of Log ============================
and the Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-07-2013 01
Ran by Philipp at 2013-07-23 12:00:54
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
clear.fi SDK - Video 2 (x32 Version: 2.1.1910)
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910)
Acer Backup Manager (x32 Version: 4.0.0.0053)
Acer Device Fast-lane (Version: 1.00.3003)
Acer Power Management (Version: 7.00.3003)
Acer Recovery Management (Version: 6.00.3006)
AcerCloud (x32 Version: 2.01.3112)
AcerCloud Docs (x32 Version: 1.00.3103)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Photoshop CS (x32 Version: CS)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
Backup Manager v4 (x32 Version: 4.0.0.0053)
Bejeweled 3 (x32 Version: 2.2.0.98)
Broadcom Card Reader Driver Installer (Version: 15.4.4.2)
Citavi (x32 Version: 3.4.0.1)
clear.fi Media (x32 Version: 2.01.3107)
clear.fi Photo (x32 Version: 2.01.3107)
C-Pen Core (x32 Version: 1.5.2.8)
C-Pen OCR Engine (x32 Version: 1.0.0)
CR2 Converter (x32)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3103_44819)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98)
eaner (Version: 3.23)
ETDWare PS/2-X64 11.6.11.002_WHQL (Version: 11.6.11.002)
FastStone Capture 5.3 (x32 Version: 5.3)
Final Drive: Nitro (x32 Version: 2.2.0.95)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25))
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110)
Identity Card (x32 Version: 2.00.3002)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.0.1207)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (x32 Version: 2.2.0.98)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jewel Match 3 (x32 Version: 2.2.0.98)
John Deere Drive Green (x32 Version: 2.2.0.95)
Launch Manager (x32 Version: 7.0.4)
LG CyberLink LabelPrint (x32 Version: 2.5.3109)
LG CyberLink Power2Go (x32 Version: 6.2.4009)
LG CyberLink PowerBackup (x32 Version: 2.5.5529)
LG ODD Auto Firmware Update (x32 Version: 10.01.0712.01)
LG Power Tools (x32 Version: 6.0.3316)
Live Updater (x32 Version: 2.00.3002)
Magic Academy (x32 Version: 2.2.0.98)
Magix Samplitude Professional v8.0 (x32)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
McAfee Total Protection (x32 Version: 12.1.353)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.5614.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MyWinLocker (Version: 4.0.14.35)
MyWinLocker 4 (x32 Version: 4.0.14.35)
MyWinLocker Suite (x32 Version: 4.0.14.24)
Norton Online Backup (x32 Version: 2.2.3.45)
Norton Online Backup ARA (x32 Version: 4.1.0.10)
Notepad++ (x32 Version: 6.3)
Penguins! (x32 Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
Polar Bowler (x32 Version: 2.2.0.97)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.204)
Qualcomm Atheros WiFi Driver Installation (x32 Version: 11.31)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657)
Shared C Run-time for x64 (Version: 10.0.0)
Shredder (Version: 2.0.8.9)
Shredder (x32 Version: 2.0.8.9)
Shrew Soft VPN Client
Spotify (x32 Version: 0.8.4.99.ga249b5f1)
Tales of Lagoona (x32 Version: 2.2.0.110)
Update Installer for WildTangent Games App (x32)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime (x32)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1)
WildTangent Games (x32 Version: 1.0.3.0)
WildTangent Games App (x32 Version: 4.0.9.3)
Windows-Treiberpaket - C Technologies AB (CPen) Input Pen (02/22/2010 3.0.0.2) (Version: 02/22/2010 3.0.0.2)
WinRAR archiver (x32)
Wuala (HKCU Version: 1.0.428.0)
Wuala CBFS (x32 Version: 3.2.107.0)
Wuala OverlayIcons (x32 Version: 1.0.0.2)
Zuma's Revenge (x32 Version: 2.2.0.98)
==================== Restore Points =========================
01-07-2013 05:53:30 Installed Java 7 Update 25
09-07-2013 06:08:12 Geplanter Prüfpunkt
18-07-2013 05:56:26 Geplanter Prüfpunkt
23-07-2013 08:08:19 Windows Update
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-07-23 10:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {14263173-A263-40F9-97C2-5EF6F7C32132} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {273F59A0-948E-47D1-8933-CEC4F01CFC6B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2013-06-01] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {6C8C258C-B93A-4D18-A5FF-F585DCB92999} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {73B63A16-6FCC-4AC6-84A7-569687186FC3} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7C764B46-4D62-4A84-8560-46D35B4174ED} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2936799037-1705027331-2200336274-1001
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {81B5A707-DDD8-4B67-BADE-121696D5A38F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87085F06-861F-448B-B349-28BE4BB39F64} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {916DBB1B-7694-48DC-AB9C-3DC26DBAA631} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {97A69FB6-25CA-46BA-926C-9DCA04C46827} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9976381B-0536-4A18-804B-B6D2E36279E6} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {A3C46CE5-A656-4152-9B35-26BAEC03CC17} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2936799037-1705027331-2200336274-500
Task: {A4570AB8-3480-4100-83AF-CB2B31C91802} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AE9B7972-8A8D-4C65-84EC-BE25BF57766F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe [2012-08-15] (Microsoft Corporation)
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {CE20552D-830E-4C68-AC83-7A4638F4FDF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13] (Adobe Systems Incorporated)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DD9B26E9-8D71-4725-A4FC-4187DD0941C2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {DEA18B2B-7B2E-465E-9E8E-7639F31BC5A8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Faulty Device Manager Devices =============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2013 05:27:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WScript.exe, Version: 5.8.9200.16384, Zeitstempel: 0x50109bcc
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ebd59
ID des fehlerhaften Prozesses: 0xf7c
Startzeit der fehlerhaften Anwendung: 0xWScript.exe0
Pfad der fehlerhaften Anwendung: WScript.exe1
Pfad des fehlerhaften Moduls: WScript.exe2
Berichtskennung: WScript.exe3
Vollständiger Name des fehlerhaften Pakets: WScript.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WScript.exe5
Error: (07/21/2013 08:19:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/21/2013 08:17:19 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (07/19/2013 01:25:01 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib) (User: )
Description: rdyboost4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (07/19/2013 08:23:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (07/23/2013 11:06:28 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Program Files (x86)\Qualcomm Atheros\AthIhvWlanExt.dll
Fehlercode: 126
Error: (07/23/2013 11:06:18 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 23.07.2013 um 10:59:00 unerwartet heruntergefahren.
Error: (07/23/2013 10:56:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (07/23/2013 10:55:08 AM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys
Error: (07/23/2013 10:51:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (07/23/2013 10:29:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Program Files (x86)\Qualcomm Atheros\AthIhvWlanExt.dll
Fehlercode: 126
Error: (07/23/2013 10:12:45 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2855336)
Error: (07/23/2013 09:40:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Program Files (x86)\Qualcomm Atheros\AthIhvWlanExt.dll
Fehlercode: 126
Error: (07/22/2013 06:38:01 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Error: (07/22/2013 06:29:47 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.
Microsoft Office Sessions:
=========================
Error: (07/22/2013 05:27:09 PM) (Source: Application Error)(User: )
Description: WScript.exe5.8.9200.1638450109bccntdll.dll6.2.9200.1657951637f77c000037400000000000ebd59f7c01ce86a8fa261924C:\Windows\System32\WScript.exeC:\Windows\SYSTEM32\ntdll.dll2bffc8f5-f2e3-11e2-8012-b888e39f4172
Error: (07/21/2013 08:19:29 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\c-pen core\usbdriver\DPInst_ia64.exe
Error: (07/21/2013 08:17:19 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\c-pen core\usbdriver\DPInst_ia64.exe
Error: (07/19/2013 01:25:01 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib)(User: )
Description: rdyboost4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib)(User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib)(User: )
Description: LsaC:\Windows\System32\Secur32.dll4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib)(User: )
Description: ESENTC:\Windows\system32\esentprf.dll4
Error: (07/19/2013 01:25:01 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
Error: (07/19/2013 08:23:13 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files (x86)\c-pen core\usbdriver\DPInst_ia64.exe
CodeIntegrity Errors:
===================================
Date: 2013-07-23 10:55:08.582
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 3909.27 MB
Available physical RAM: 2410.61 MB
Total Pagefile: 4613.27 MB
Available Pagefile: 2994.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:447.19 GB) (Free:305.66 GB) NTFS (Disk=0 Partition=4)
Drive d: (KINGSTON) (Removable) (Total:3.65 GB) (Free:2.55 GB) FAT32 (Disk=1 Partition=1)
Drive e: (TEACMP-280) (Removable) (Total:1.88 GB) (Free:0.06 GB) FAT32 (Disk=2 Partition=1)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 33515CB2)
Partition: GPT Partition Type
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 6E652072)
Partition 1: (Not Active) - (Size=811 GB) - (Type=6E)
Partition 2: (Not Active) - (Size=468 GB) - (Type=FF)
Partition 3: (Not Active) - (Size=80 GB) - (Type=74)
Partition 4: (Not Active) - (Size=26 MB) - (Type=00)
==================== End Of Log ============================ |