Results of screen317's Security Check version 0.99.73
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
G Data InternetSecurity 2014
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
TuneUp Utilities 2011
TuneUp Utilities Language Pack (de-DE)
CCleaner
Java 7 Update 25
Adobe Flash Player 11.8.800.168
Adobe Reader 10.1.8
Adobe Reader out of Date!
Mozilla Firefox (24.0)
Mozilla Thunderbird (17.0.8)
````````Process Check: objlist.exe by Laurent````````
G DATA InternetSecurity Firewall GDFirewallTray.exe
G DATA InternetSecurity Firewall GDFwSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
---------------------------------------
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dc9525d03f05b742a3fbade35fb1c572
# engine=15195
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-20 11:00:23
# local_time=2013-09-20 01:00:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 7453 217207525 0 0
# scanned=133
# found=0
# cleaned=0
# scan_time=5
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
Can not open internet
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=dc9525d03f05b742a3fbade35fb1c572
# engine=15198
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-20 07:11:28
# local_time=2013-09-20 09:11:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 36918 217236990 0 0
# scanned=538180
# found=0
# cleaned=0
# scan_time=29240
----------------------------------------------------

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-09-2013 03
Ran by ***** (administrator) on RR-SONY on 21-09-2013 10:21:28
Running from C:\Users\*****\Desktop
Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G DATA\InternetSecurity\AVK\AVKWCtl.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(UPEK Inc.) C:\Program Files\Protector Suite QL\upeksvr.exe
(Realtek Semiconductor) C:\Windows\RtkAudioService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(BandRich Inc.) C:\Program Files\o2 Verbindungsmanager\BRService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Allway Sync\Bin\SyncService.exe
() C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
(REINER SCT) C:\Windows\system32\cjpcsc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(SafeNet Inc.) C:\Windows\system32\hasplms.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
(InterVideo) c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files\Polar\Daemon\polard.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(G Data Software AG) C:\Program Files\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Akamai Technologies, Inc.) C:\Users\*****\AppData\Local\Akamai\netsession_win.exe
(sw4you, Siegfried Weckmann) C:\Program Files\hardcopy\hardcopy.exe
() C:\Program Files\Polar\WebSync\WebSync.exe
(Akamai Technologies, Inc.) C:\Users\*****\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
() C:\Program Files\hardcopy\hcdll2_ex_Win32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(G Data Software AG) C:\Program Files\G DATA\InternetSecurity\Firewall\GDFwSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-04-15] (Intel Corporation)
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [BrStsWnd] - C:\Program Files\Brownie\BrstsWnd.exe [3618104 2009-08-19] (brother)
HKLM\...\Run: [GDFirewallTray] - C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444304 2013-03-22] (G Data Software AG)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-28] (Realtek Semiconductor)
HKLM\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [262144 2008-11-05] (Sony Corporation)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [122880 2008-02-21] (Alps Electric Co., Ltd.)
Winlogon\Notify\psfus: C:\Windows\system32\psqlpwd.dll (UPEK Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\*****\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Bildschirmdruckprogramm] - C:\Program Files\Hardcopy\Hardcopy.exe [3510784 2011-11-01] (sw4you, Siegfried Weckmann)
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Administrator.RR-Sony\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Administrator.RR-Sony\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-11-05] (Sony Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-11-05] (Sony Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2008-11-05] (Sony Corporation)
Lsa: [Notification Packages] scecli psqlpwd
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {10FAD6AC-3F0D-4801-A32E-B084EAAABBCC} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jg13d8gj.default
FF Homepage: hxxp://www.bing.com/?cc=de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll No File
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jg13d8gj.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Garmin Communicator - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jg13d8gj.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: No Name - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\jg13d8gj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
========================== Services (Whitelisted) =================
S4 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-06] (Adobe Systems Incorporated)
R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AVKProxy; C:\Program Files\Common Files\G DATA\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G DATA\InternetSecurity\AVK\AVKWCtl.exe [2095944 2013-06-21] (G Data Software AG)
R2 BandLuxe_Service; C:\Program Files\o2 Verbindungsmanager\BRService.exe [87264 2009-06-14] (BandRich Inc.)
R2 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [182784 2013-07-02] ()
R2 BRA_Scheduler; C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe [65536 2010-08-04] ()
R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [7454608 2013-05-09] (DisplayLink Corp.)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R3 GDFwSvc; C:\Program Files\G DATA\InternetSecurity\Firewall\GDFwSvc.exe [2362744 2013-03-22] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G DATA\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
S3 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33176 2009-03-03] (NOS Microsystems Ltd.)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (SafeNet Inc.)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2008-01-21] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2006-11-02] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2006-11-02] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [125952 2009-04-11] (Microsoft Corporation)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [299008 2008-11-03] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
R2 Polar Daemon; C:\Program Files\Polar\Daemon\polard.exe [413184 2012-08-17] ()
R2 SentinelKeysServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [316992 2007-04-27] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400 2007-04-27] (SafeNet, Inc)
S2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-06-13] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-10] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-06-16] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [722288 2010-04-09] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [358400 2010-04-13] (SafeNet Inc.)
S3 ASPI; C:\Windows\System32\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [105728 2013-02-17] (AVM Berlin)
R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz)
S3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28144 2011-03-29] (REINER SCT)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 DisplayLinkUsbIo; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_7.2.47873.0.sys [36752 2013-05-13] ()
R3 dlkmd; C:\Windows\system32\drivers\dlkmd.sys [338736 2013-05-09] (DisplayLink Corp.)
R0 dlkmdldr; C:\Windows\System32\drivers\dlkmdldr.sys [15664 2013-05-09] (DisplayLink Corp.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2013-06-30] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96344 2013-06-30] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2013-04-13] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2013-06-30] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30896 2013-04-13] (G Data Software)
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [106624 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [59648 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [8064 2007-03-30] (Option N.V.)
S3 GTSCSER; C:\Windows\System32\DRIVERS\gtscser.sys [21504 2007-11-30] (Option N.V.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [588800 2009-12-09] (SafeNet Inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2013-06-30] (G Data Software AG)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [40496 2008-09-26] (Paragon Software Group)
S3 KOBB1USB; C:\Windows\System32\DRIVERS\KOBB1USB.sys [33351 2004-10-29] (KOBIL Systems)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [1587632 2006-06-26] (Logitech Inc.)
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [1952816 2006-06-26] (Logitech Inc.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [621056 2008-04-14] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [13824 2007-07-11] (DiBcom S.A.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [126976 2008-01-21] (Microsoft Corporation)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R0 shpf; C:\Windows\System32\DRIVERS\shpf.sys [22560 2008-01-31] (Sony Corporation)
S3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [35328 2007-04-27] (SafeNet, Inc.)
R3 SPI; C:\Windows\System32\DRIVERS\SonyPI.sys [14720 2008-01-07] (Sony Corporation)
S3 Spyder4; C:\Windows\System32\DRIVERS\dccmtr.sys [12288 2011-06-02] (Datacolor)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2008-01-07] (TeamViewer GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [10064 2010-10-07] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [81232 2012-11-30] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [452816 2012-11-30] (Paragon)
R1 Uim_Vim; C:\Windows\System32\Drivers\Uim_Vim.sys [283600 2012-11-30] (Paragon)
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [10240 2011-06-22] (Nicomsoft Ltd.)
U5 ASPI32; C:\Windows\System32\Drivers\ASPI32.sys [84832 2002-07-17] (Adaptec)
S3 btwampfl; system32\drivers\btwampfl.sys [x]
S3 catchme; \??\C:\Users\ROLFRU~1\AppData\Local\Temp\catchme.sys [x]
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_5.2.23219.0.sys [x]
S3 HSXHWAZL; system32\DRIVERS\HSXHWAZL.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [x]
S3 NDSPCIIO; \??\C:\Windows\system32\DRIVERS\NDSPCIIO.SYS [x]
S3 nmwcd; system32\drivers\ccdcmb.sys [x]
S3 nmwcdc; system32\drivers\ccdcmbo.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PAC207; system32\DRIVERS\PFC027.SYS [x]
U5 Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [90688 2007-04-27] (SafeNet, Inc.)
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [x]
S3 UsbserFilt; system32\DRIVERS\usbser_lowerfltj.sys [x]
S2 XAudio; system32\DRIVERS\xaudio.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-21 10:21 - 2013-09-17 11:16 - 01083437 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2013-09-21 10:20 - 2013-09-21 10:20 - 00001064 _____ C:\Users\*****\Desktop\checkup.txt
2013-09-20 12:31 - 2013-09-20 12:31 - 00000000 ____D C:\Program Files\ESET
2013-09-19 17:52 - 2013-09-19 17:52 - 00000000 ____D C:\Windows\ERUNT
2013-09-19 17:32 - 2013-09-19 17:46 - 00000000 ____D C:\AdwCleaner
2013-09-19 13:11 - 2013-09-19 13:11 - 00000000 ____D C:\Users\*****\AppData\Roaming\Malwarebytes
2013-09-19 13:11 - 2013-09-19 13:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-19 13:11 - 2013-09-19 13:11 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-19 13:11 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-18 23:15 - 2013-09-18 23:15 - 00018879 _____ C:\ComboFix.txt
2013-09-18 22:04 - 2013-09-18 23:15 - 00000000 ____D C:\Qoobox
2013-09-18 22:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-18 22:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-18 22:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-18 22:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-18 22:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-18 22:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-18 22:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-18 22:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-18 13:03 - 2013-09-18 23:12 - 00000000 ____D C:\Windows\erdnt
2013-09-18 06:46 - 2013-09-18 06:47 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-17 11:25 - 2013-09-17 11:25 - 00000000 ____D C:\FRST
2013-09-17 11:22 - 2013-09-17 11:22 - 00000000 _____ C:\Users\*****\defogger_reenable
2013-09-16 17:15 - 2013-09-20 12:29 - 00000000 ____D C:\Users\*****\Desktop\Analyse
2013-09-16 14:16 - 2013-09-16 14:16 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-14 20:47 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-14 20:47 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-14 20:47 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-14 20:47 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-14 20:47 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-14 20:47 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-14 20:47 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-14 20:47 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-14 20:47 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-14 20:47 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-14 20:47 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-14 20:47 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-14 20:47 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-14 20:47 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-14 20:47 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-14 20:47 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-14 20:44 - 2013-09-14 20:44 - 00000000 ____D C:\Users\*****\.android
2013-09-14 20:33 - 2013-08-08 03:45 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-14 20:33 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2013-08-28 07:47 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-25 17:33 - 2013-08-25 17:33 - 00118670 _____ C:\Users\*****\Documents\Backup SG2 2013-08-25.mpb
2013-08-25 07:06 - 2013-09-18 23:27 - 00002434 _____ C:\Windows\PFRO.log
==================== One Month Modified Files and Folders =======
2013-09-21 10:20 - 2013-09-21 10:20 - 00001064 _____ C:\Users\*****\Desktop\checkup.txt
2013-09-21 10:04 - 2012-04-04 17:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-21 10:01 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-21 10:01 - 2006-11-02 14:47 - 00003744 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-21 08:11 - 2012-09-02 17:32 - 01323272 _____ C:\Windows\WindowsUpdate.log
2013-09-21 08:11 - 2008-11-08 17:36 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2013-09-21 08:03 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\inetsrv
2013-09-21 08:02 - 2008-11-11 22:51 - 00000438 _____ C:\Windows\Brownie.ini
2013-09-21 08:02 - 2008-07-09 10:29 - 00624911 _____ C:\ProgramData\nvModes.001
2013-09-21 08:01 - 2011-04-02 19:21 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-09-21 08:01 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-20 21:12 - 2008-07-09 09:42 - 00003204 _____ C:\Windows\bthservsdp.dat
2013-09-20 21:12 - 2006-11-02 15:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-20 12:54 - 2008-07-09 10:29 - 00624911 _____ C:\ProgramData\nvModes.dat
2013-09-20 12:31 - 2013-09-20 12:31 - 00000000 ____D C:\Program Files\ESET
2013-09-20 12:29 - 2013-09-16 17:15 - 00000000 ____D C:\Users\*****\Desktop\Analyse
2013-09-20 11:34 - 2009-01-13 22:41 - 00000000 ___RD C:\Users\*****\Desktop\Tools
2013-09-20 11:04 - 2012-04-04 17:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-09-20 11:04 - 2011-05-18 06:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-09-20 08:07 - 2011-08-22 20:55 - 00000000 ____D C:\Users\*****\AppData\Roaming\MyPhoneExplorer
2013-09-19 17:52 - 2013-09-19 17:52 - 00000000 ____D C:\Windows\ERUNT
2013-09-19 17:50 - 2008-11-08 17:36 - 00000000 ____D C:\Users\*****
2013-09-19 17:46 - 2013-09-19 17:32 - 00000000 ____D C:\AdwCleaner
2013-09-19 13:11 - 2013-09-19 13:11 - 00000000 ____D C:\Users\*****\AppData\Roaming\Malwarebytes
2013-09-19 13:11 - 2013-09-19 13:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-19 13:11 - 2013-09-19 13:11 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-18 23:27 - 2013-08-25 07:06 - 00002434 _____ C:\Windows\PFRO.log
2013-09-18 23:15 - 2013-09-18 23:15 - 00018879 _____ C:\ComboFix.txt
2013-09-18 23:15 - 2013-09-18 22:04 - 00000000 ____D C:\Qoobox
2013-09-18 23:15 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Default
2013-09-18 23:15 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-09-18 23:12 - 2013-09-18 13:03 - 00000000 ____D C:\Windows\erdnt
2013-09-18 23:12 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini
2013-09-18 15:41 - 2008-11-08 17:36 - 00014236 _____ C:\Users\*****\AppData\Local\d3d9caps.dat
2013-09-18 14:19 - 2013-03-24 13:10 - 00000000 ____D C:\Program Files\StarMoney 9.0
2013-09-18 08:52 - 2012-05-01 07:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-09-18 06:47 - 2013-09-18 06:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-09-18 06:36 - 2012-11-29 12:23 - 00000000 ____D C:\Program Files\StarMoney Business 5.0
2013-09-17 22:49 - 2013-05-29 17:00 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2013-09-17 11:25 - 2013-09-17 11:25 - 00000000 ____D C:\FRST
2013-09-17 11:22 - 2013-09-17 11:22 - 00000000 _____ C:\Users\*****\defogger_reenable
2013-09-17 11:16 - 2013-09-21 10:21 - 01083437 _____ (Farbar) C:\Users\*****\Desktop\FRST.exe
2013-09-16 14:16 - 2013-09-16 14:16 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-09-15 20:32 - 2008-11-11 23:00 - 00000432 _____ C:\Windows\BRWMARK.INI
2013-09-14 20:55 - 2013-07-24 18:03 - 00452144 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-14 20:46 - 2013-08-15 08:23 - 00000000 ____D C:\Windows\system32\MRT
2013-09-14 20:44 - 2013-09-14 20:44 - 00000000 ____D C:\Users\*****\.android
2013-09-14 20:43 - 2012-08-20 19:16 - 00000000 ____D C:\Program Files\MyPhoneExplorer
2013-09-14 20:40 - 2006-11-02 12:24 - 76725432 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-25 17:33 - 2013-08-25 17:33 - 00118670 _____ C:\Users\*****\Documents\Backup SG2 2013-08-25.mpb
2013-08-24 22:32 - 2008-11-08 20:58 - 00000000 ____D C:\Users\*****\AppData\Roaming\FileZilla
2013-08-24 22:27 - 2011-01-29 20:23 - 00000000 ____D C:\Program Files\FileZilla FTP Client
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-21 08:10
==================== End Of Log ============================
--- --- ---
So that's it. No more problems!!!! Thank you very much!