medianer | 27.08.2013 20:25
Adwcleaner Code:
# AdwCleaner v3.001 - Report created 27/08/2013 at 19:41:39
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Tim - HARZERROLLER
# Running from : C:\Users\Tim\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\SoftwareUpdater
Folder Deleted : C:\Program Files\Covus Freemium
Folder Deleted : C:\Program Files\SoftwareUpdater
Folder Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\c412vmmm.default\jetpack
File Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\c412vmmm.default\searchplugins\11-suche.xml
File Deleted : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\c412vmmm.default\user.js
File Deleted : C:\Windows\System32\Tasks\FreeDriverScout
File Deleted : C:\Windows\System32\Tasks\Software Updater Ui
File Deleted : C:\Windows\System32\Tasks\Software Updater
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC8}
Key Deleted : HKCU\Software\OCS
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16660
-\\ Mozilla Firefox v17.0.8 (de)
[ File : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\c412vmmm.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search...");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.spiegel.de/|hxxp://www.sueddeutsche.de/|hxxp://www.mz-web.de/servlet/ContentServer?pagename=ksta/page&atype=Page&aid=987490165154&openMenu=98749016515[...]
[ File : C:\Users\Tine\AppData\Roaming\Mozilla\Firefox\Profiles\zo8yozga.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2233 octets] - [27/08/2013 18:28:43]
AdwCleaner[R1].txt - [2352 octets] - [27/08/2013 19:41:17]
AdwCleaner[S0].txt - [294 octets] - [27/08/2013 19:39:46]
AdwCleaner[S1].txt - [2163 octets] - [27/08/2013 19:41:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2223 octets] ##########
Combofix Code:
ComboFix 13-08-27.02 - Tim 27.08.2013 19:56:08.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.16351.14087 [GMT 2:00]
ausgeführt von:: c:\users\Tim\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\Tine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Internet Explorer.lnk
c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
c:\windows\IsUn0407.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-07-27 bis 2013-08-27 ))))))))))))))))))))))))))))))
.
.
2013-08-27 17:59 . 2013-08-27 17:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-27 17:59 . 2013-08-27 17:59 -------- d-----w- c:\users\Tine\AppData\Local\temp
2013-08-27 16:28 . 2013-08-27 17:41 -------- d-----w- C:\AdwCleaner
2013-08-27 16:04 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C2D62380-8D46-4E70-85FE-51CDE8482BA2}\mpengine.dll
2013-08-26 19:38 . 2013-08-26 19:38 -------- d-----w- C:\FRST
2013-08-26 18:38 . 2013-08-26 18:38 32000 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2013-08-23 17:31 . 2013-08-23 17:31 -------- d-----w- c:\users\Tim\AppData\Roaming\webex
2013-08-23 17:31 . 2013-08-23 17:31 -------- d-----w- c:\programdata\WebEx
2013-08-21 18:57 . 2013-08-21 18:57 -------- d-----w- C:\Intel
2013-08-20 18:41 . 2013-08-26 18:13 -------- d-----w- c:\programdata\HitmanPro
2013-08-18 11:30 . 2013-08-18 11:30 183224 ----a-w- c:\windows\system32\drivers\tib_mounter.sys
2013-08-18 11:30 . 2013-08-18 11:30 1119672 ----a-w- c:\windows\system32\drivers\tib.sys
2013-08-18 11:30 . 2013-08-18 11:30 98592 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2013-08-18 11:30 . 2013-08-18 11:30 233760 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-08-18 11:30 . 2013-08-18 11:30 -------- d-----w- c:\users\Acronis Agent User.Harzerroller
2013-08-18 11:30 . 2013-08-18 11:30 -------- d-----w- c:\windows\Acronis
2013-08-18 11:30 . 2013-08-18 11:32 -------- d-----w- c:\program files (x86)\Acronis
2013-08-17 17:44 . 2013-06-18 08:22 872152 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2013-08-17 17:44 . 2013-06-18 08:22 74456 ----a-w- c:\windows\system32\RtNicProp64.dll
2013-08-17 16:25 . 2013-08-17 16:25 -------- d-----w- c:\users\Tim\AppData\Local\Matrox
2013-08-17 16:22 . 2009-07-14 01:15 315904 ----a-w- c:\windows\SysWow64\Difx470f.rra
2013-08-17 16:22 . 2000-01-01 00:00 123704 ----a-w- c:\windows\system32\drivers\jraid.sys
2013-08-17 16:21 . 2013-08-17 16:21 -------- d-----w- c:\users\Tim\AppData\Local\SlimWare Utilities Inc
2013-08-17 15:37 . 2013-08-21 18:28 -------- d-----w- c:\users\Tim\AppData\Roaming\vlc
2013-08-17 14:54 . 2013-05-06 07:13 110176 ----a-w- c:\windows\system32\klfphc.dll
2013-08-17 14:54 . 2013-08-17 14:54 -------- d-----w- c:\windows\ELAMBKUP
2013-08-17 14:54 . 2013-08-27 18:00 -------- d-----w- c:\programdata\Kaspersky Lab
2013-08-17 14:54 . 2013-08-17 14:54 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-08-17 14:54 . 2013-08-17 15:01 619616 ----a-w- c:\windows\system32\drivers\klif.sys
2013-08-17 14:54 . 2013-06-08 18:18 112224 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-08-16 16:01 . 2013-08-16 16:01 -------- d-----w- c:\users\Tim\GNUstep
2013-08-16 15:57 . 2013-08-16 15:57 56016 ----a-w- c:\windows\system32\drivers\fsbts.sys
2013-08-16 15:19 . 2013-08-16 15:19 33408 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
2013-08-16 15:19 . 2012-06-26 16:26 573680 ----a-w- c:\windows\SysWow64\msvcp50.dll
2013-08-16 15:19 . 2012-06-26 16:25 94160 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2013-08-16 15:19 . 2012-06-26 16:25 45872 ----a-w- c:\windows\system32\drivers\fses.sys
2013-08-13 18:51 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-12 19:05 . 2013-08-12 19:07 -------- d-----w- c:\program files (x86)\Areca
2013-08-08 20:11 . 2013-08-08 20:11 -------- d-----w- c:\users\Tim\AppData\Local\ACCCx2_1_0_213
2013-08-07 12:23 . 2013-08-07 12:23 644968 ----a-w- c:\windows\system32\drivers\iaStorA.sys
2013-08-07 12:23 . 2013-08-07 12:23 28008 ----a-w- c:\windows\system32\drivers\iaStorF.sys
2013-07-30 18:42 . 2013-07-30 18:42 -------- d-----w- c:\users\Tim\AppData\Roaming\com.prezi.PreziDesktop
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-13 18:52 . 2012-06-07 11:51 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-08-05 09:50 . 2012-06-07 10:40 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2013-07-24 14:04 . 2013-07-24 14:04 256512 ----a-w- c:\windows\system32\Ncs2Setp.dll
2013-07-24 13:54 . 2013-07-24 13:54 805592 ----a-w- c:\windows\system32\ncs2dmix.dll
2013-07-24 13:54 . 2013-07-24 13:54 794328 ----a-w- c:\windows\system32\accesor.dll
2013-07-24 13:45 . 2013-07-24 13:45 234200 ----a-w- c:\windows\system32\ncs2instutility.dll
2013-07-24 13:41 . 2013-07-24 13:41 3422424 ----a-w- c:\windows\system32\ncscolib.dll
2013-07-16 09:14 . 2013-07-24 20:38 3486680 ----a-w- c:\windows\system32\drivers\RTKVHD64.sys
2013-07-16 07:20 . 2013-07-24 20:38 29216256 ----a-w- c:\windows\system32\RCoRes64.dat
2013-07-16 02:52 . 2013-07-24 20:38 147160 ----a-w- c:\windows\system32\RCoInstII64.dll
2013-07-09 19:06 . 2013-05-25 10:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-09 19:06 . 2013-05-25 10:51 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-09 06:20 . 2013-07-24 20:38 3760344 ----a-w- c:\windows\system32\RtkAPO64.dll
2013-07-09 04:45 . 2013-08-13 18:51 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-08 19:30 . 2013-07-08 19:30 195336 ----a-w- c:\windows\system32\IPROSetMonitor.exe
2013-07-08 07:32 . 2013-07-24 20:38 4810008 ----a-w- c:\windows\system32\RTKSMlfx.dll
2013-07-08 07:31 . 2013-07-24 20:38 758104 ----a-w- c:\windows\system32\RTKSMSettingsIPC.dll
2013-07-04 09:05 . 2012-06-07 11:56 552760 ----a-w- c:\windows\system32\PROUnstl.exe
2013-07-03 17:50 . 2013-07-03 17:50 15008 ----a-w- c:\windows\system32\drivers\inpoutx64.sys
2013-07-02 22:17 . 2013-07-02 22:17 33616 ----a-w- c:\windows\system32\drivers\iqvw64e.sys
2013-06-27 03:12 . 2013-07-24 20:38 2795224 ----a-w- c:\windows\system32\RtPgEx64.dll
2013-06-26 07:18 . 2013-07-24 20:38 920832 ----a-w- c:\windows\system32\MaxxAudioAPOShell64.dll
2013-06-26 07:18 . 2013-07-24 20:38 14041344 ----a-w- c:\windows\system32\MaxxAudioRealtek64.dll
2013-06-26 07:17 . 2013-07-24 20:38 3603712 ----a-w- c:\windows\system32\MaxxAudioVnN64.dll
2013-06-26 07:17 . 2013-07-24 20:38 2032896 ----a-w- c:\windows\system32\MaxxAudioEQ64.dll
2013-06-26 07:17 . 2013-07-24 20:38 1904384 ----a-w- c:\windows\system32\MaxxAudioRealtek264.dll
2013-06-26 07:17 . 2013-07-24 20:38 2103040 ----a-w- c:\windows\system32\WavesGUILib64.dll
2013-06-26 07:17 . 2013-07-24 20:38 27515648 ----a-w- c:\windows\system32\MaxxAudioVnA64.dll
2013-06-21 00:01 . 2013-07-24 20:38 109848 ----a-w- c:\windows\system32\AcpiServiceVnA64.dll
2013-06-18 08:52 . 2013-07-24 20:38 1004248 ----a-w- c:\windows\system32\RtkApi64.dll
2013-06-18 08:22 . 2012-06-07 10:45 108760 ----a-w- c:\windows\system32\RTNUninst64.dll
2013-06-18 06:44 . 2013-07-24 20:38 2736160 ----a-w- c:\windows\system32\FMAPO64.dll
2013-06-18 06:00 . 2013-07-24 20:38 947760 ----a-w- c:\windows\system32\SFSS_APO.dll
2013-06-12 19:48 . 2012-06-07 11:20 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2012-06-07 11:20 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-03-05 17:41 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-10 16:10 . 2013-07-24 20:38 791808 ----a-w- c:\windows\system32\slcnt64.dll
2013-06-10 16:10 . 2013-07-24 20:38 633088 ----a-w- c:\windows\system32\sltech64.dll
2013-06-10 16:10 . 2013-07-24 20:38 521472 ----a-w- c:\windows\system32\sl3apo64.dll
2013-06-10 16:10 . 2013-07-24 20:38 213760 ----a-w- c:\windows\system32\slprp64.dll
2013-06-10 10:27 . 2013-06-10 10:27 30304 ----a-w- c:\windows\system32\drivers\klim6.sys
2013-06-10 04:44 . 2012-06-07 10:52 2080472 ----atw- c:\windows\RtlExUpd.dll
2013-06-08 12:11 . 2013-06-08 12:11 39896 ----a-w- c:\windows\SysWow64\DiscHandler.exe
2013-06-08 11:57 . 2013-06-08 11:57 4012544 ----a-w- c:\windows\system32\ffmpeg.dll
2013-06-08 11:57 . 2013-06-08 11:57 474624 ----a-w- c:\windows\system32\ff_kernelDeint.dll
2013-06-08 11:56 . 2013-06-08 11:56 127488 ----a-w- c:\windows\system32\ff_vfw.dll
2013-06-08 11:56 . 2013-06-08 11:56 4372992 ----a-w- c:\windows\system32\ffdshow.ax
2013-06-08 11:56 . 2013-06-08 11:56 156672 ----a-w- c:\windows\system32\ff_libmad.dll
2013-06-08 11:56 . 2013-06-08 11:56 631296 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2013-06-08 11:55 . 2013-06-08 11:55 114688 ----a-w- c:\windows\system32\ff_wmv9.dll
2013-06-08 11:55 . 2013-06-08 11:55 1532928 ----a-w- c:\windows\system32\ff_samplerate.dll
2013-06-08 11:55 . 2013-06-08 11:55 116224 ----a-w- c:\windows\system32\ff_liba52.dll
2013-06-08 11:55 . 2013-06-08 11:55 222720 ----a-w- c:\windows\system32\ff_libdts.dll
2013-06-08 11:55 . 2013-06-08 11:55 183296 ----a-w- c:\windows\system32\ff_unrar.dll
2013-06-08 11:55 . 2013-06-08 11:55 190464 ----a-w- c:\windows\system32\libmpeg2_ff.dll
2013-06-08 11:54 . 2013-06-08 11:54 3915776 ----a-w- c:\windows\SysWow64\ffmpeg.dll
2013-06-08 11:53 . 2013-06-08 11:53 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2013-06-08 11:53 . 2013-06-08 11:53 3501568 ----a-w- c:\windows\SysWow64\ffdshow.ax
2013-06-08 11:52 . 2013-06-08 11:52 271360 ----a-w- c:\windows\SysWow64\TomsMoComp_ff.dll
2013-06-08 11:52 . 2013-06-08 11:52 157184 ----a-w- c:\windows\SysWow64\ff_unrar.dll
2013-06-08 11:52 . 2013-06-08 11:52 99840 ----a-w- c:\windows\SysWow64\ff_wmv9.dll
2013-06-08 11:52 . 2013-06-08 11:52 147456 ----a-w- c:\windows\SysWow64\ff_libmad.dll
2013-06-08 11:52 . 2013-06-08 11:52 211968 ----a-w- c:\windows\SysWow64\ff_libdts.dll
2013-06-08 11:52 . 2013-06-08 11:52 1525760 ----a-w- c:\windows\SysWow64\ff_samplerate.dll
2013-06-08 11:52 . 2013-06-08 11:52 114688 ----a-w- c:\windows\SysWow64\ff_liba52.dll
2013-06-08 11:52 . 2013-06-08 11:52 136704 ----a-w- c:\windows\SysWow64\libmpeg2_ff.dll
2013-06-06 15:38 . 2013-06-06 15:38 178784 ----a-w- c:\windows\system32\drivers\kneps.sys
2013-06-05 10:42 . 2013-07-24 20:38 208072 ----a-w- c:\windows\system32\AERTAC64.dll
2013-06-05 03:34 . 2013-07-09 19:05 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-09 19:05 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-09 19:05 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-02-02 3035968]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2013-03-20 578560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2000-01-01 43608]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"vmware-tray.exe"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2013-02-26 104528]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"BackupAndRecoveryMonitor.exe"="c:\program files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe" [2013-06-06 1562296]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-22 1104608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
c:\users\Tine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Mozilla Firefox.lnk - c:\program files (x86)\Mozilla Firefox\firefox.exe [2013-8-7 917400]
.
c:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Mozilla Firefox.lnk - c:\program files (x86)\Mozilla Firefox\firefox.exe [2013-8-7 917400]
Samsung Magician.lnk - c:\program files (x86)\Samsung SSD Magician\Samsung Magician.exe /AUTOHIDE [2013-4-21 2952096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2013-6-8 48200]
O&O Defrag Tray.lnk - c:\windows\Installer\{FD27F016-131B-48DF-B110-DF3F82714170}\DefragIcon.exe [2013-5-23 292878]
UltraMon.lnk - c:\windows\Installer\{ED7FE81C-378C-411D-B5B4-509B978BA204}\IcoUltraMon.ico /auto [2012-11-3 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"DontSetAutoplayCheckbox"= 1 (0x1)
"NoAutorun"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys;c:\windows\SYSNATIVE\DRIVERS\mv91cons.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys;c:\windows\SYSNATIVE\drivers\vsock.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AcronisAgent;Acronis Remote Agent Service;c:\program files (x86)\Common Files\Acronis\Agent\agent.exe;c:\program files (x86)\Common Files\Acronis\Agent\agent.exe [x]
S2 ARSM;Acronis Removable Storage Management Service;c:\program files (x86)\Acronis\ARSM\arsm.exe;c:\program files (x86)\Acronis\ARSM\arsm.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 DTSAudioService;DTSAudioService;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe;c:\program files\Realtek\Audio\HDA\DTSAudioService64.exe [x]
S2 inpoutx64;inpoutx64;c:\windows\system32\Drivers\inpoutx64.sys;c:\windows\SYSNATIVE\Drivers\inpoutx64.sys [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MMS;Acronis Managed Machine Service;c:\program files (x86)\Acronis\BackupAndRecovery\mms.exe;c:\program files (x86)\Acronis\BackupAndRecovery\mms.exe [x]
S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe;c:\program files\OO Software\Defrag\oodag.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 StarMoney 8.0 OnlineUpdate;StarMoney 8.0 OnlineUpdate;c:\program files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe;c:\program files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [x]
S2 VMwareHostd;VMware Workstation Server;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe;c:\program files (x86)\VMware\VMware Workstation\vmware-hostd.exe [x]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);SysWOW64\drivers\vstor2-mntapi10-shared.sys;SysWOW64\drivers\vstor2-mntapi10-shared.sys [x]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\Tim\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys;c:\users\Tim\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NAL
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-25 19:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-06-13 14:30 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-06-13 14:30 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-06-13 14:30 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-06-13 14:30 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-13 472984]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2013-04-19 7074096]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-07-06 7192792]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-07-04 1321688]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-06-06 396680]
"TrayMonitor.exe"="c:\program files (x86)\Acronis\TrayMonitor\TrayMonitor.exe" [2013-06-06 1492664]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: %windir%\system32\vsocklib.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\c412vmmm.default\
FF - prefs.js: network.proxy.ftp - 109.169.29.75
FF - prefs.js: network.proxy.ftp_port - 80
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.socks - 109.169.29.75
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.ssl - 109.169.29.75
FF - prefs.js: network.proxy.ssl_port - 80
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-08-17 16:54; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2013-08-17 16:54; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2013-08-17 16:54; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF - ExtSQL: 2013-08-17 16:54; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2013-08-17 16:54; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\users\Tine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk - c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
c:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk - c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1079090980-4097662467-4146504295-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*%*2*0*J*o*y*%*2*0*D*e*n*a*l*a*n*e*%*2*0*-*%*2*0*M*H`U\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1079090980-4097662467-4146504295-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¥ù¹l]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1079090980-4097662467-4146504295-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¥ù¹l\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-08-27 20:02:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-08-27 18:02
.
Vor Suchlauf: 9 Verzeichnis(se), 34.061.545.472 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 35.549.474.816 Bytes frei
.
- - End Of File - - 6CF1C65AA95391D827DB3DAB62935447
A36C5E4F47E84449FF07ED3517B43A31
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-08-2013 03
Ran by Tim (administrator) on 27-08-2013 20:35:53
Running from C:\Users\Tim\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2000-01-01] ()
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKU\Acronis Agent User\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4 [x]
HKU\Acronis Agent User\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\Acronis Agent User\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\Acronis Agent User\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKU\Acronis Agent User\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung)
HKU\Acronis Agent User\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\Tine\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4 [x]
HKU\Tine\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3035968 2012-02-02] (DT Soft Ltd)
HKU\Tine\...\Run: [KiesPDLR] - C:\Windows\system32\External\FirmwareUpdate\KiesPDLR.exe [x]
HKU\Tine\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung)
HKU\Tine\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKU\Tine\...\Run: [] - C:\Windows\system32\External\FirmwareUpdate\KiesPDLR.exe [x]
HKU\Tine\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
ShortcutTarget: Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Startup: C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.)
Startup: C:\Users\Tine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk
ShortcutTarget: Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Browsing Protection Class - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Path=C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1079090980-4097662467-4146504295-1000\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-06-17] (Kaspersky Lab ZAO)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-15] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-06-12] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32000 2013-08-26] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2013-07-03] (Highresolution Enterprises [www.highrez.co.uk])
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-05-06] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [619616 2013-08-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2013-06-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-05-05] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-05-05] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178784 2013-06-06] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 UltraMonUtility; C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [20512 2008-11-14] (Realtime Soft Ltd)
R2 WinRing0_1_2_0; C:\Users\Tim\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2012-06-07] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-27 20:02 - 2013-08-27 20:02 - 00042207 _____ C:\ComboFix.txt
2013-08-27 19:54 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-27 19:54 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-27 19:54 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-27 19:54 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-27 19:54 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-27 19:54 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-27 19:54 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-27 19:54 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-27 19:53 - 2013-08-27 20:02 - 00000000 ____D C:\Qoobox
2013-08-27 19:53 - 2013-08-27 20:01 - 00000000 ____D C:\Windows\erdnt
2013-08-27 19:47 - 2013-08-27 19:47 - 00000000 ___RD C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-08-27 19:39 - 2013-08-27 19:39 - 00002177 _____ C:\Users\Tim\Desktop\new 2.txt
2013-08-27 18:28 - 2013-08-27 19:41 - 00000000 ____D C:\AdwCleaner
2013-08-27 18:20 - 2013-08-27 18:21 - 00994642 _____ C:\Users\Tim\Desktop\adwcleaner.exe
2013-08-27 18:20 - 2013-08-27 18:20 - 05114158 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe
2013-08-26 22:39 - 2013-08-26 22:42 - 00000000 ____D C:\Users\Tim\Desktop\Neuer Ordner (2)
2013-08-26 21:38 - 2013-08-26 21:38 - 00000000 ____D C:\FRST
2013-08-26 20:38 - 2013-08-26 20:38 - 00032000 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2013-08-26 20:12 - 2013-08-26 20:12 - 00002574 _____ C:\Windows\system32\.crusader
2013-08-26 19:17 - 2013-08-26 19:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tim\Desktop\HijackThis.exe
2013-08-26 18:39 - 2013-08-26 18:39 - 00602112 _____ (OldTimer Tools) C:\Users\Tim\Desktop\OTL.exe
2013-08-23 20:00 - 2013-08-23 20:06 - 00000444 _____ C:\Windows\setup.log
2013-08-23 19:31 - 2013-08-23 19:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\webex
2013-08-23 19:31 - 2013-08-23 19:31 - 00000000 ____D C:\ProgramData\WebEx
2013-08-21 20:57 - 2013-08-21 20:57 - 06167800 _____ (Intel Corporation) C:\Users\Tim\Downloads\infinst_autol.exe
2013-08-21 20:57 - 2013-08-21 20:57 - 00000000 ____D C:\Intel
2013-08-20 20:41 - 2013-08-26 20:13 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-18 13:32 - 2013-08-18 13:32 - 00001564 _____ C:\Users\Public\Desktop\Acronis Backup & Recovery 11.5.lnk
2013-08-18 13:30 - 2013-08-18 13:32 - 00000000 ____D C:\Program Files (x86)\Acronis
2013-08-17 19:44 - 2013-06-18 10:22 - 00872152 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2013-08-17 19:44 - 2013-06-18 10:22 - 00074456 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2013-08-17 18:25 - 2013-08-17 18:25 - 00000000 ____D C:\Users\Tim\AppData\Local\Matrox
2013-08-17 18:22 - 2009-07-14 03:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difx470f.rra
2013-08-17 18:22 - 2000-01-01 02:00 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2013-08-17 18:21 - 2013-08-17 18:21 - 00000000 ____D C:\Users\Tim\AppData\Local\SlimWare Utilities Inc
2013-08-17 18:21 - 2013-08-17 18:21 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-08-17 18:15 - 2013-08-17 18:15 - 00000000 ____D C:\Users\Tim\Documents\Freemium Driver Utilities
2013-08-17 17:37 - 2013-08-21 20:28 - 00000000 ____D C:\Users\Tim\AppData\Roaming\vlc
2013-08-17 17:34 - 2013-08-17 17:34 - 23003252 _____ C:\Users\Tim\Downloads\vlc-2.0.8-win32.exe
2013-08-17 16:54 - 2013-08-27 20:00 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-17 16:54 - 2013-08-17 17:01 - 00619616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-08-17 16:54 - 2013-08-17 16:54 - 00002340 _____ C:\Users\Tim\Desktop\Sicherer Zahlungsverkehr.lnk
2013-08-17 16:54 - 2013-08-17 16:54 - 00001130 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2013-08-17 16:54 - 2013-08-17 16:54 - 00000000 ____D C:\Windows\ELAMBKUP
2013-08-17 16:54 - 2013-08-17 16:54 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-08-17 16:54 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-08-17 16:54 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2013-08-17 16:53 - 2013-07-02 21:30 - 00451991 _____ C:\Windows\system32\Drivers\etc\hosts.20130817-165324.backup
2013-08-17 16:49 - 2013-08-27 20:00 - 00004352 _____ C:\Windows\PFRO.log
2013-08-17 16:49 - 2013-08-27 20:00 - 00001973 _____ C:\Windows\setupact.log
2013-08-16 18:01 - 2013-08-16 18:01 - 00000000 ____D C:\Users\Tim\GNUstep
2013-08-16 17:57 - 2013-08-16 17:57 - 00056016 _____ C:\Windows\system32\Drivers\fsbts.sys
2013-08-16 17:19 - 2013-08-16 17:19 - 00033408 _____ C:\Windows\SysWOW64\Drivers\fsbts.sys
2013-08-16 17:19 - 2012-06-26 18:26 - 00573680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp50.dll
2013-08-13 20:54 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-13 20:54 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-13 20:54 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-13 20:54 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-13 20:54 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-13 20:54 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-13 20:54 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-13 20:54 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-13 20:54 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-13 20:54 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-13 20:54 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-13 20:54 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-13 20:54 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-13 20:54 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-13 20:51 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-13 20:51 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-13 20:51 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 20:51 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 20:51 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-13 20:51 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-13 20:51 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-13 20:51 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-13 20:51 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-13 20:51 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-13 20:51 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-13 20:51 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-13 20:51 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-13 20:51 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-13 20:51 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-13 20:51 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-13 20:51 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-13 20:51 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-13 20:51 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-13 20:51 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-13 20:51 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-13 20:51 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-13 20:51 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-13 20:51 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-13 20:51 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-13 20:51 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-13 20:51 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-12 21:05 - 2013-08-12 21:07 - 00000000 ____D C:\Program Files (x86)\Areca
2013-08-12 21:04 - 2013-08-12 21:04 - 04954727 _____ C:\Users\Tim\Downloads\areca-7.3.5-windows-jre64-setup.exe
2013-08-08 22:55 - 2013-08-08 22:55 - 00000184 _____ C:\Windows\system32\WINS.txt
2013-08-08 22:11 - 2013-08-08 22:11 - 00000000 ____D C:\Users\Tim\AppData\Local\ACCCx2_1_0_213
2013-08-07 18:29 - 2013-08-07 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 18:20 - 2013-08-07 18:20 - 00000000 ____D C:\Users\Tim\Documents\Proto
2013-08-07 14:23 - 2013-08-07 14:23 - 00644968 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2013-08-07 14:23 - 2013-08-07 14:23 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2013-07-30 20:57 - 2013-07-30 20:57 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-07-29 18:58 - 2013-07-29 18:58 - 00003074 _____ C:\Windows\System32\Tasks\{1960D0F2-E07C-4F16-966C-EAD65F946017}
==================== One Month Modified Files and Folders =======
2013-08-27 20:35 - 2013-08-27 20:35 - 01579024 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2013-08-27 20:19 - 2013-05-25 12:51 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-27 20:08 - 2011-04-12 09:43 - 00728572 _____ C:\Windows\system32\perfh007.dat
2013-08-27 20:08 - 2011-04-12 09:43 - 00160328 _____ C:\Windows\system32\perfc007.dat
2013-08-27 20:08 - 2009-07-14 07:13 - 01691140 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-27 20:07 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-27 20:07 - 2009-07-14 06:45 - 00026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-27 20:03 - 2012-06-07 12:12 - 02011127 _____ C:\Windows\WindowsUpdate.log
2013-08-27 20:02 - 2013-08-27 20:02 - 00042207 _____ C:\ComboFix.txt
2013-08-27 20:02 - 2013-08-27 19:53 - 00000000 ____D C:\Qoobox
2013-08-27 20:02 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-27 20:01 - 2013-08-27 19:53 - 00000000 ____D C:\Windows\erdnt
2013-08-27 20:01 - 2012-06-07 12:13 - 00000000 ___RD C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-27 20:01 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-27 20:00 - 2013-08-17 16:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-27 20:00 - 2013-08-17 16:49 - 00004352 _____ C:\Windows\PFRO.log
2013-08-27 20:00 - 2013-08-17 16:49 - 00001973 _____ C:\Windows\setupact.log
2013-08-27 20:00 - 2013-05-26 21:25 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-27 20:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-27 19:47 - 2013-08-27 19:47 - 00000000 ___RD C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-08-27 19:41 - 2013-08-27 18:28 - 00000000 ____D C:\AdwCleaner
2013-08-27 19:40 - 2012-06-11 19:34 - 00000000 ____D C:\Users\Tim\AppData\Local\CrashDumps
2013-08-27 19:39 - 2013-08-27 19:39 - 00002177 _____ C:\Users\Tim\Desktop\new 2.txt
2013-08-27 18:21 - 2013-08-27 18:20 - 00994642 _____ C:\Users\Tim\Desktop\adwcleaner.exe
2013-08-27 18:20 - 2013-08-27 18:20 - 05114158 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe
2013-08-27 17:53 - 2012-06-07 16:29 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0 S-Edition
2013-08-26 21:38 - 2013-08-26 21:38 - 00000000 ____D C:\FRST
2013-08-26 20:38 - 2013-08-26 20:38 - 00032000 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2013-08-26 20:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-26 20:13 - 2013-08-20 20:41 - 00000000 ____D C:\ProgramData\HitmanPro
2013-08-26 20:12 - 2013-08-26 20:12 - 00002574 _____ C:\Windows\system32\.crusader
2013-08-26 19:51 - 2012-06-07 22:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-26 19:17 - 2013-08-26 19:17 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tim\Desktop\HijackThis.exe
2013-08-26 19:01 - 2013-05-25 15:57 - 00145726 _____ C:\Users\Tim\Desktop\OTL.Txt
2013-08-26 18:39 - 2013-08-26 18:39 - 00602112 _____ (OldTimer Tools) C:\Users\Tim\Desktop\OTL.exe
2013-08-25 21:49 - 2013-04-11 19:32 - 00000000 ____D C:\Program Files (x86)\FRITZ!
2013-08-23 20:50 - 2013-04-11 19:33 - 00000000 ____D C:\Users\Tim\AppData\Local\FRITZ!
2013-08-23 20:06 - 2013-08-23 20:00 - 00000444 _____ C:\Windows\setup.log
2013-08-23 20:06 - 2013-04-11 19:33 - 00001001 _____ C:\Users\Public\Desktop\FRITZ!fax.lnk
2013-08-23 20:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2013-08-23 19:59 - 2013-04-11 19:28 - 18291784 _____ (AVM Berlin ) C:\Users\Tim\Downloads\FRITZ!fax_3.07.04.exe
2013-08-23 19:31 - 2013-08-23 19:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\webex
2013-08-23 19:31 - 2013-08-23 19:31 - 00000000 ____D C:\ProgramData\WebEx
2013-08-23 19:31 - 2012-06-07 13:24 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Mozilla
2013-08-21 20:57 - 2013-08-21 20:57 - 06167800 _____ (Intel Corporation) C:\Users\Tim\Downloads\infinst_autol.exe
2013-08-21 20:57 - 2013-08-21 20:57 - 00000000 ____D C:\Intel
2013-08-21 20:28 - 2013-08-17 17:37 - 00000000 ____D C:\Users\Tim\AppData\Roaming\vlc
2013-08-18 12:24 - 2012-07-30 19:03 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2013-08-17 19:44 - 2012-06-07 12:45 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-08-17 18:25 - 2013-08-17 18:25 - 00000000 ____D C:\Users\Tim\AppData\Local\Matrox
2013-08-17 18:22 - 2012-06-07 12:48 - 00000000 ____D C:\Windows\RaidTool
2013-08-17 18:21 - 2013-08-17 18:21 - 00000000 ____D C:\Users\Tim\AppData\Local\SlimWare Utilities Inc
2013-08-17 18:21 - 2013-08-17 18:21 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2013-08-17 18:15 - 2013-08-17 18:15 - 00000000 ____D C:\Users\Tim\Documents\Freemium Driver Utilities
2013-08-17 17:35 - 2012-06-07 13:55 - 00001076 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-17 17:34 - 2013-08-17 17:34 - 23003252 _____ C:\Users\Tim\Downloads\vlc-2.0.8-win32.exe
2013-08-17 17:01 - 2013-08-17 16:54 - 00619616 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-08-17 16:54 - 2013-08-17 16:54 - 00002340 _____ C:\Users\Tim\Desktop\Sicherer Zahlungsverkehr.lnk
2013-08-17 16:54 - 2013-08-17 16:54 - 00001130 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2013-08-17 16:54 - 2013-08-17 16:54 - 00000000 ____D C:\Windows\ELAMBKUP
2013-08-17 16:54 - 2013-08-17 16:54 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-08-17 16:35 - 2012-06-07 12:13 - 00000000 ____D C:\Users\Tim
2013-08-17 16:10 - 2012-06-07 13:51 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2013-08-17 13:02 - 2013-03-25 19:24 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-16 18:01 - 2013-08-16 18:01 - 00000000 ____D C:\Users\Tim\GNUstep
2013-08-16 17:57 - 2013-08-16 17:57 - 00056016 _____ C:\Windows\system32\Drivers\fsbts.sys
2013-08-16 17:19 - 2013-08-16 17:19 - 00033408 _____ C:\Windows\SysWOW64\Drivers\fsbts.sys
2013-08-16 17:19 - 2012-06-07 16:26 - 01714564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-14 18:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-13 20:53 - 2013-07-11 17:57 - 00000000 ____D C:\Windows\system32\MRT
2013-08-13 20:53 - 2012-06-07 16:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-13 20:52 - 2012-06-07 13:51 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-12 21:07 - 2013-08-12 21:05 - 00000000 ____D C:\Program Files (x86)\Areca
2013-08-12 21:04 - 2013-08-12 21:04 - 04954727 _____ C:\Users\Tim\Downloads\areca-7.3.5-windows-jre64-setup.exe
2013-08-10 11:58 - 2013-07-03 19:48 - 00000000 ____D C:\Users\Tim\Desktop\InpOutBinaries_1500
2013-08-10 09:31 - 2012-12-04 00:06 - 00001096 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-08-10 09:23 - 2012-06-25 18:06 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Notepad++
2013-08-10 09:23 - 2012-06-25 18:06 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-08-10 09:22 - 2012-06-07 13:57 - 00000000 ____D C:\Program Files\Intel
2013-08-08 22:59 - 2012-12-23 15:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-08 22:55 - 2013-08-08 22:55 - 00000184 _____ C:\Windows\system32\WINS.txt
2013-08-08 22:55 - 2013-04-21 17:15 - 00000125 _____ C:\Windows\system32\StaticIP.txt
2013-08-08 22:55 - 2012-09-29 11:18 - 00004051 _____ C:\Windows\system32\WmiConf.txt
2013-08-08 22:11 - 2013-08-08 22:11 - 00000000 ____D C:\Users\Tim\AppData\Local\ACCCx2_1_0_213
2013-08-07 18:29 - 2013-08-07 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-07 18:20 - 2013-08-07 18:20 - 00000000 ____D C:\Users\Tim\Documents\Proto
2013-08-07 14:23 - 2013-08-07 14:23 - 00644968 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2013-08-07 14:23 - 2013-08-07 14:23 - 00028008 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2013-08-05 11:50 - 2012-06-07 12:40 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2013-08-04 23:41 - 2013-03-25 19:25 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Origin
2013-08-04 23:41 - 2013-03-25 19:24 - 00000000 ____D C:\Users\Tim\AppData\Local\Origin
2013-07-30 21:01 - 2012-06-07 17:34 - 00000000 ____D C:\Users\Tim\AppData\Local\Downloaded Installations
2013-07-30 20:57 - 2013-07-30 20:57 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-07-29 18:58 - 2013-07-29 18:58 - 00003074 _____ C:\Windows\System32\Tasks\{1960D0F2-E07C-4F16-966C-EAD65F946017}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-12 20:17
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-08-2013 03
Ran by Tim at 2013-08-27 20:36:09
Running from C:\Users\Tim\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
64 Bit HP CIO Components Installer (Version: 6.2.1)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
AVM FRITZ!fax für FRITZ!Box (x32)
bl (x32 Version: 1.0.0)
bpd_scan_ent (x32 Version: 3.00.0000)
Cisco WebEx Meetings (HKCU)
Diablo III (x32 Version: 1.0.8.16603)
Enterprise (x32 Version: 50.0.165.000)
Free Screen Video Recorder version 2.5.30.628 (x32 Version: 2.5.30.628)
GO Contact Sync Mod (x32 Version: 3.5.16)
Google Drive (x32 Version: 1.2.3101.4994)
HP Officejet 6500 E709 Series Corporate Edition 14.0 (Version: 14.0)
Intel(R) Control Center (x32 Version: 1.2.1.1008)
Intel(R) Management Engine Components (x32 Version: 9.0.5.1367)
Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016)
Intel® Trusted Connect Service Client (Version: 1.27.798.1)
Intel® Watchdog Timer Driver (Intel® WDT) (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
JMicron JMB36X Driver (x32 Version: 1.17.65.11)
Kaspersky Internet Security (x32 Version: 14.0.0.4651)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
marvell 91xx driver (x32 Version: 1.2.0.1027)
Mediaport (x32)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Mozilla Firefox 17.0.8 (x86 de) (x32 Version: 17.0.8)
Mozilla Maintenance Service (x32 Version: 17.0.8)
mRemote (x32)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyFreeCodec (HKCU)
Need for Speed™ Most Wanted (x32 Version: 1.5.0.0)
Network64 (Version: 130.0.579.000)
Notepad++ (x32 Version: 6.4.3)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Origin (x32 Version: 9.1.10.2728)
ph (x32 Version: 1.0.0)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.222)
Realtek Ethernet Controller Driver (x32 Version: 7.73.618.2013)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6971)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0)
rosoft-Maus- und Tastatur-Center (Version: 2.2.173.0)
Samsung Kies (x32 Version: 2.5.0.12104_15)
Samsung Magician (x32 Version: 4.1.0)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Scan (x32 Version: 13.0.0.0)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.6 (x32 Version: 6.6.106)
Spybot - Search & Destroy (x32 Version: 2.1.20)
StarMoney (x32 Version: 3.0.0.124)
StarMoney 8.0 S-Edition (x32 Version: 8.0)
swMSM (x32 Version: 12.0.0.1)
System Requirements Lab for Intel (x32 Version: 4.5.15.0)
TeamViewer 8 (x32 Version: 8.0.20202)
UltraMon (Version: 3.2.1)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Windows 7 Codec Pack 4.0.7 (x32 Version: 4.0.7)
==================== Restore Points =========================
==================== Hosts content: ==========================
2013-03-15 23:32 - 2013-08-27 20:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1BEF523F-72A2-4DD8-808E-AD73B11DAC79} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1C88895A-07B1-4015-8392-3E63A12DE207} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe No File
Task: {1CA99409-E729-47B3-85C1-74DFF63D49BE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe No File
Task: {3787C988-C429-4FE0-B3AA-856FF63A6142} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe No File
Task: {4ABF7166-748F-43BE-B692-E403310ADC74} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {5D1EDDFF-0D02-4718-A861-4F4A6E721358} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {69172CBF-00A3-4F8C-81D1-B00EBD8200A0} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {78CF4459-DCCE-4EA5-9888-22898B1EB5F9} - \FreeDriverScout No Task File
Task: {7B6CC9A6-CFBD-45D7-A4AE-0591AC73E732} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-09] (Adobe Systems Incorporated)
Task: {AD2868AE-A6F1-45D1-9135-8BED7B53FF13} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {C9AC7953-F43D-401D-968B-DC12F2D615EF} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D0B97D50-6091-4D09-94FF-54EC4911FA0C} - \Software Updater No Task File
Task: {E836D54E-CEF1-462E-9982-F13F4CB05D9E} - \Software Updater Ui No Task File
Task: {EA627437-6C74-476E-9CC7-453E45680B1B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Users\Tim\AppData\Local\UvGw4h1Hu:qDCINPtSRFW7OunMRvfGNWlXiCTL
==================== Faulty Device Manager Devices =============
Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet 6500 E709a
Description: Officejet 6500 E709a
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/27/2013 07:39:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: adwcleaner.exe, Version: 3.0.0.1, Zeitstempel: 0x4f25baec
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x75634f0d
ID des fehlerhaften Prozesses: 0x1b3c
Startzeit der fehlerhaften Anwendung: 0xadwcleaner.exe0
Pfad der fehlerhaften Anwendung: adwcleaner.exe1
Pfad des fehlerhaften Moduls: adwcleaner.exe2
Berichtskennung: adwcleaner.exe3
Error: (08/26/2013 08:32:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.1.18.91, Zeitstempel: 0x51949fc0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x164c
Startzeit der fehlerhaften Anwendung: 0xSDUpdate.exe0
Pfad der fehlerhaften Anwendung: SDUpdate.exe1
Pfad des fehlerhaften Moduls: SDUpdate.exe2
Berichtskennung: SDUpdate.exe3
Error: (08/26/2013 08:27:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.1.18.91, Zeitstempel: 0x51949fc0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xb80
Startzeit der fehlerhaften Anwendung: 0xSDUpdate.exe0
Pfad der fehlerhaften Anwendung: SDUpdate.exe1
Pfad des fehlerhaften Moduls: SDUpdate.exe2
Berichtskennung: SDUpdate.exe3
Error: (08/26/2013 08:22:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.1.18.91, Zeitstempel: 0x51949fc0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x1988
Startzeit der fehlerhaften Anwendung: 0xSDUpdate.exe0
Pfad der fehlerhaften Anwendung: SDUpdate.exe1
Pfad des fehlerhaften Moduls: SDUpdate.exe2
Berichtskennung: SDUpdate.exe3
Error: (08/26/2013 08:17:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.1.18.91, Zeitstempel: 0x51949fc0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83c8a
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x4ec
Startzeit der fehlerhaften Anwendung: 0xSDUpdate.exe0
Pfad der fehlerhaften Anwendung: SDUpdate.exe1
Pfad des fehlerhaften Moduls: SDUpdate.exe2
Berichtskennung: SDUpdate.exe3
Error: (08/23/2013 08:00:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 17.0.8.4965, Zeitstempel: 0x52005729
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x2b72f4c0
ID des fehlerhaften Prozesses: 0x1984
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (08/17/2013 07:00:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DriverGenius.exe, Version: 12.0.0.1314, Zeitstempel: 0x51e23ea7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1c50
Startzeit der fehlerhaften Anwendung: 0xDriverGenius.exe0
Pfad der fehlerhaften Anwendung: DriverGenius.exe1
Pfad des fehlerhaften Moduls: DriverGenius.exe2
Berichtskennung: DriverGenius.exe3
Error: (08/17/2013 06:58:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DriverGenius.exe, Version: 12.0.0.1314, Zeitstempel: 0x51e23ea7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0x00000000
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xdbc
Startzeit der fehlerhaften Anwendung: 0xDriverGenius.exe0
Pfad der fehlerhaften Anwendung: DriverGenius.exe1
Pfad des fehlerhaften Moduls: DriverGenius.exe2
Berichtskennung: DriverGenius.exe3
Error: (08/17/2013 06:56:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DriverGenius.exe, Version: 12.0.0.1314, Zeitstempel: 0x51e23ea7
Name des fehlerhaften Moduls: msvbvm60.dll, Version: 6.0.97.82, Zeitstempel: 0x403acfec
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000449aa
ID des fehlerhaften Prozesses: 0x237c
Startzeit der fehlerhaften Anwendung: 0xDriverGenius.exe0
Pfad der fehlerhaften Anwendung: DriverGenius.exe1
Pfad des fehlerhaften Moduls: DriverGenius.exe2
Berichtskennung: DriverGenius.exe3
Error: (07/30/2013 09:06:36 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Samsung\Kies\Kies.exe . Error code = 0x80131f07
System errors:
=============
Error: (08/27/2013 08:34:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/27/2013 08:34:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/27/2013 08:34:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/27/2013 07:59:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/27/2013 07:59:34 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/27/2013 07:57:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (08/27/2013 07:54:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/27/2013 07:54:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/27/2013 07:54:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-08-27 19:59:34.565
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-27 19:59:34.534
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-08-26 21:31:37.332
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 21:31:37.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 21:31:37.329
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 21:20:07.766
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 21:20:07.765
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 21:20:07.763
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 19:00:46.846
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-08-26 19:00:46.846
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 14%
Total physical RAM: 16351.09 MB
Available physical RAM: 14055.06 MB
Total Pagefile: 32700.37 MB
Available Pagefile: 30424.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:214.58 GB) (Free:86.24 GB) NTFS
Drive f: (Volume 1) (Fixed) (Total:600 GB) (Free:6.56 GB) NTFS
Drive g: (Volume 2) (Fixed) (Total:400 GB) (Free:87.51 GB) NTFS
Drive h: (Volume 3) (Fixed) (Total:400 GB) (Free:25.6 GB) NTFS
Drive i: (Volume 4) (Fixed) (Total:300 GB) (Free:298.77 GB) NTFS
Drive j: (Volume 5) (Fixed) (Total:163.02 GB) (Free:126.95 GB) NTFS
Drive l: (SIMCITY) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 4114DB76)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=215 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 08901BE1)
Partition 1: (Not Active) - (Size=600 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=400 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=400 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=463 GB) - (Type=OF Extended)
==================== End Of Log ============================ |