So,
here is the FRST.txt log to start with:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Timo (administrator) on TIMO-PC on 20-02-2014 18:57:18
Running from C:\Users\Timo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Windows\DAODx.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\PACTray.exe
() C:\Program Files\Plantronics\GameCom780\GameCom780.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) H:\steam2\Steam.exe
() C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
() C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Users\Timo\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) H:\steam2\Steam.exe
(Valve Corporation) H:\steam2\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() H:\steam2\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) H:\steam2\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [120328 2008-04-04] (Logitech Inc.)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1860496 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [GUCI_AVS] - C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [PACTray] - C:\Windows\PixArt\PAP7501\PACTray.exe [319488 2009-06-09] (PixArt Imaging Incorporation)
HKLM\...\Run: [GamecomSound] - C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600 2010-11-15] (PC Tools)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2011-02-07] (NEXON Inc.)
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [Akamai NetSession Interface] - "C:\Users\Timo\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [Steam] - H:\steam2\steam.exe [1822400 2014-02-20] (Valve Corporation)
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [ESL Wire] - C:\Program Files\EslWire\wire.exe [4253696 2013-12-09] (Turtle Entertainment GmbH)
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\Explorer: [NoNetworkConnections] 0
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\Explorer: [NoCommonGroups] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Search
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Nation Search
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - URL hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms}
SearchScopes: HKLM-x32 - TopResultURL hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Java Runtime - {279384DD-3D1B-4086-8679-AA5EC7268BE1} - C:\Users\Timo\AppData\Roaming\JavaRun\IE\JavaRun.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR DefaultSearchKeyword: bing.com
CHR DefaultSearchProvider: Bing
CHR DefaultSearchURL: hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-25]
CHR Extension: (Google Drive) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-25]
CHR Extension: (YouTube) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-25]
CHR Extension: (YouTube Center) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdcifocibecgcgigbanojipblimlaoij [2013-10-30]
CHR Extension: (Google-Suche) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-25]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-05-25]
CHR Extension: (AdBlock) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-05-25]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-05-25]
CHR Extension: (Modul für das Blockieren gefährlicher Webseiten) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-05-25]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-05-25]
CHR Extension: (Skype Click to Call) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-05-25]
CHR Extension: (Google Wallet) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-25]
CHR Extension: (Google Mail) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-25]
CHR Extension: (Anti-Banner) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-05-25]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25]
==================== Services (Whitelisted) =================
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2231616 2010-07-19] ()
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3549224 2010-06-07] (INCA Internet Co., Ltd.)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-10-01] (PC Tools)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-15] ()
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [597504 2009-11-06] (PixArt Imaging Incorporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-23] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1327104 2011-11-05] (C-Media Electronics Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-23] (Kaspersky Lab ZAO)
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 X6va003; \??\C:\Users\Timo\AppData\Local\Temp\00358B1.tmp [X]
S3 X6va005; \??\C:\Users\Timo\AppData\Local\Temp\005CDEE.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-20 18:56 - 2014-02-20 18:56 - 00041847 _____ () C:\Users\Timo\Downloads\Addition.txt
2014-02-20 18:54 - 2014-02-20 18:57 - 00023466 _____ () C:\Users\Timo\Downloads\FRST.txt
2014-02-20 18:54 - 2014-02-20 18:57 - 00000000 ____D () C:\FRST
2014-02-20 18:52 - 2014-02-20 18:53 - 02153472 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe
2014-02-20 18:52 - 2014-02-20 18:52 - 00000000 ____D () C:\Users\Timo\Desktop\security
2014-02-17 17:52 - 2014-02-17 17:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\NVIDIA
2014-02-17 17:30 - 2014-02-17 17:30 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\StunlockStudios
2014-02-16 00:06 - 2014-02-16 00:06 - 00000000 ____D () C:\Users\Timo\Desktop\android
2014-02-15 23:50 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-02-15 23:50 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-02-15 23:49 - 2014-02-15 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-15 23:47 - 2014-02-15 23:47 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-02-15 23:47 - 2013-03-11 15:26 - 00000000 ____D () C:\Users\UpdatusUser\Documents\Visual Studio 2010
2014-02-15 23:47 - 2011-12-26 16:51 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Macromedia
2014-02-15 23:47 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-15 23:47 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-15 23:45 - 2013-10-23 09:20 - 03426956 _____ () C:\Windows\system32\nvcoproc.bin
2014-02-15 23:42 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-15 23:42 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-15 23:42 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-15 23:42 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-15 23:42 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-15 23:42 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-15 23:42 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-15 23:42 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-02-15 23:30 - 2014-02-15 23:36 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-15 23:14 - 2014-02-15 23:19 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-02-15 23:14 - 2014-02-15 23:16 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url
2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot
2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games
2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url
2014-01-22 18:19 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 18:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 18:18 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-22 18:18 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
==================== One Month Modified Files and Folders =======
2014-02-20 18:57 - 2014-02-20 18:54 - 00023466 _____ () C:\Users\Timo\Downloads\FRST.txt
2014-02-20 18:57 - 2014-02-20 18:54 - 00000000 ____D () C:\FRST
2014-02-20 18:57 - 2013-02-20 16:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 18:56 - 2014-02-20 18:56 - 00041847 _____ () C:\Users\Timo\Downloads\Addition.txt
2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:53 - 2014-02-20 18:52 - 02153472 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe
2014-02-20 18:52 - 2014-02-20 18:52 - 00000000 ____D () C:\Users\Timo\Desktop\security
2014-02-20 18:51 - 2011-02-07 14:36 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Skype
2014-02-20 18:13 - 2011-02-07 14:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 17:55 - 2011-02-04 18:19 - 02052298 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 17:23 - 2011-03-05 17:13 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-20 17:10 - 2011-04-17 22:20 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\TS3Client
2014-02-20 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-20 17:05 - 2012-05-27 15:10 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESL Wire Game Client
2014-02-20 17:04 - 2011-12-26 18:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-02-20 17:04 - 2011-02-07 14:37 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 17:04 - 2009-07-14 05:51 - 01548624 _____ () C:\Windows\setupact.log
2014-02-20 17:03 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 17:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 17:44 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Local\Battle.net
2014-02-17 17:52 - 2014-02-17 17:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\NVIDIA
2014-02-17 17:30 - 2014-02-17 17:30 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\StunlockStudios
2014-02-16 14:38 - 2013-11-17 01:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-16 12:56 - 2011-02-19 20:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\PMB Files
2014-02-16 11:58 - 2011-02-19 20:52 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-16 00:06 - 2014-02-16 00:06 - 00000000 ____D () C:\Users\Timo\Desktop\android
2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-15 23:50 - 2011-02-05 13:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-15 23:49 - 2014-02-15 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-15 23:47 - 2014-02-15 23:47 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-02-15 23:36 - 2014-02-15 23:30 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-02-15 23:19 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-02-15 23:16 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-15 23:16 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-02-12 21:08 - 2011-02-07 14:37 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 21:08 - 2011-02-07 14:37 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url
2014-02-04 21:57 - 2013-02-20 16:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 21:57 - 2013-02-20 16:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:57 - 2013-02-20 16:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-03 14:52 - 2011-07-10 21:13 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-03 14:52 - 2011-03-06 00:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-28 15:37 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Battle.net
2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot
2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games
2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url
2014-01-22 18:21 - 2013-11-04 17:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 18:18 - 2011-02-05 22:25 - 00000000 ____D () C:\Program Files (x86)\Java
Files to move or delete:
====================
C:\Users\Timo\{1A8140AD-3D01-7C98-D764-55146F5D4AE5}-HBLiteSA.exe
Some content of TEMP:
====================
C:\Users\Timo\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.15.4.7479-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Timo\AppData\Local\Temp\HitmanPro.exe
C:\Users\Timo\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Timo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Timo\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 17:16
==================== End Of Log ============================
2014-02-15 23:42 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-15 23:42 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-15 23:42 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-15 23:42 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-02-15 23:42 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-15 23:42 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-15 23:42 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-15 23:42 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-02-15 23:30 - 2014-02-15 23:36 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-15 23:14 - 2014-02-15 23:19 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-02-15 23:14 - 2014-02-15 23:16 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url
2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot
2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games
2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url
2014-01-22 18:19 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 18:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-22 18:18 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-22 18:18 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
==================== One Month Modified Files and Folders =======
2014-02-20 18:57 - 2014-02-20 18:54 - 00023466 _____ () C:\Users\Timo\Downloads\FRST.txt
2014-02-20 18:57 - 2014-02-20 18:54 - 00000000 ____D () C:\FRST
2014-02-20 18:57 - 2013-02-20 16:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-20 18:56 - 2014-02-20 18:56 - 00041847 _____ () C:\Users\Timo\Downloads\Addition.txt
2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 18:53 - 2014-02-20 18:52 - 02153472 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe
2014-02-20 18:52 - 2014-02-20 18:52 - 00000000 ____D () C:\Users\Timo\Desktop\security
2014-02-20 18:51 - 2011-02-07 14:36 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Skype
2014-02-20 18:13 - 2011-02-07 14:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 17:55 - 2011-02-04 18:19 - 02052298 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 17:23 - 2011-03-05 17:13 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-20 17:10 - 2011-04-17 22:20 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\TS3Client
2014-02-20 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-20 17:05 - 2012-05-27 15:10 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESL Wire Game Client
2014-02-20 17:04 - 2011-12-26 18:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-02-20 17:04 - 2011-02-07 14:37 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 17:04 - 2009-07-14 05:51 - 01548624 _____ () C:\Windows\setupact.log
2014-02-20 17:03 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 17:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 17:44 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Local\Battle.net
2014-02-17 17:52 - 2014-02-17 17:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\NVIDIA
2014-02-17 17:30 - 2014-02-17 17:30 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\StunlockStudios
2014-02-16 14:38 - 2013-11-17 01:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-16 12:56 - 2011-02-19 20:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\PMB Files
2014-02-16 11:58 - 2011-02-19 20:52 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-16 00:06 - 2014-02-16 00:06 - 00000000 ____D () C:\Users\Timo\Desktop\android
2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-15 23:50 - 2011-02-05 13:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-15 23:49 - 2014-02-15 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-15 23:47 - 2014-02-15 23:47 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-02-15 23:36 - 2014-02-15 23:30 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-02-15 23:19 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-02-15 23:16 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-15 23:16 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-02-12 21:08 - 2011-02-07 14:37 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 21:08 - 2011-02-07 14:37 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url
2014-02-04 21:57 - 2013-02-20 16:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 21:57 - 2013-02-20 16:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:57 - 2013-02-20 16:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-03 14:52 - 2011-07-10 21:13 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-03 14:52 - 2011-03-06 00:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-28 15:37 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Battle.net
2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot
2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games
2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url
2014-01-22 18:21 - 2013-11-04 17:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 18:18 - 2011-02-05 22:25 - 00000000 ____D () C:\Program Files (x86)\Java
Files to move or delete:
====================
C:\Users\Timo\{1A8140AD-3D01-7C98-D764-55146F5D4AE5}-HBLiteSA.exe
Some content of TEMP:
====================
C:\Users\Timo\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.15.4.7479-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Timo\AppData\Local\Temp\HitmanPro.exe
C:\Users\Timo\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Timo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Timo\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 17:16
==================== End Of Log ============================
--- --- ---
Sorry that I sent this twice.
Here is the Addition.txt:
Error: (02/19/2014 07:27:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294
Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024739
ID des fehlerhaften Prozesses: 0x8b0
Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0
Pfad der fehlerhaften Anwendung: DOSBox.exe1
Pfad des fehlerhaften Moduls: DOSBox.exe2
Berichtskennung: DOSBox.exe3
Error: (02/19/2014 07:24:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294
Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024739
ID des fehlerhaften Prozesses: 0x1330
Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0
Pfad der fehlerhaften Anwendung: DOSBox.exe1
Pfad des fehlerhaften Moduls: DOSBox.exe2
Berichtskennung: DOSBox.exe3
Error: (02/19/2014 07:18:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294
Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024739
ID des fehlerhaften Prozesses: 0x12e0
Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0
Pfad der fehlerhaften Anwendung: DOSBox.exe1
Pfad des fehlerhaften Moduls: DOSBox.exe2
Berichtskennung: DOSBox.exe3
Error: (02/19/2014 06:50:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294
Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00024739
ID des fehlerhaften Prozesses: 0x16b8
Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0
Pfad der fehlerhaften Anwendung: DOSBox.exe1
Pfad des fehlerhaften Moduls: DOSBox.exe2
Berichtskennung: DOSBox.exe3
Error: (02/19/2014 06:06:51 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (02/19/2014 06:06:22 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
System errors:
=============
Error: (02/20/2014 06:21:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/20/2014 06:21:29 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (02/20/2014 05:04:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053
Error: (02/20/2014 05:04:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/20/2014 05:04:31 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.
Error: (02/19/2014 06:10:38 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/18/2014 04:12:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Kaspersky Anti-Virus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/18/2014 01:41:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053
Error: (02/18/2014 01:40:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/18/2014 01:40:47 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.
Microsoft Office Sessions:
=========================
Error: (02/20/2014 06:21:32 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/20/2014 05:03:50 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL
Error: (02/19/2014 08:16:32 PM) (Source: Application Error)(User: )
Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c000000500024739122001cf2da16fbebc9fH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll573a2d5f-999a-11e3-be0d-bcaec51fc960
Error: (02/19/2014 07:34:48 PM) (Source: Application Error)(User: )
Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c00000050002473931401cf2da0690a0cc2H:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll829dfcd7-9994-11e3-be0d-bcaec51fc960
Error: (02/19/2014 07:27:12 PM) (Source: Application Error)(User: )
Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c0000005000247398b001cf2d9fe8505a2dH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll72b29d61-9993-11e3-be0d-bcaec51fc960
Error: (02/19/2014 07:24:36 PM) (Source: Application Error)(User: )
Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c000000500024739133001cf2d9f91ca57b9H:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll15b60003-9993-11e3-be0d-bcaec51fc960
Error: (02/19/2014 07:18:30 PM) (Source: Application Error)(User: )
Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c00000050002473912e001cf2d9b1e5f76eeH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll3ba5e25d-9992-11e3-be0d-bcaec51fc960
Error: (02/19/2014 06:50:31 PM) (Source: Application Error)(User: )
Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c00000050002473916b801cf2d9aa4c1a25eH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll52a884d6-998e-11e3-be0d-bcaec51fc960
Error: (02/19/2014 06:06:51 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (02/19/2014 06:06:22 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
CodeIntegrity Errors:
===================================
Date: 2014-02-18 17:18:48.815
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-18 17:18:48.814
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-18 17:18:48.811
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-18 17:18:48.797
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-18 17:18:48.794
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-18 17:18:48.790
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-14 13:44:59.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-14 13:44:59.603
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-14 13:44:59.600
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-14 13:44:59.588
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 82%
Total physical RAM: 4094.18 MB
Available physical RAM: 706.8 MB
Total Pagefile: 8186.55 MB
Available Pagefile: 3112.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.21 GB) (Free:17.7 GB) NTFS
Drive d: () (Fixed) (Total:390.62 GB) (Free:269.43 GB) NTFS
Drive h: (Elements) (Fixed) (Total:931.51 GB) (Free:724.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3E51F3BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=391 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00372B75)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================