Ups, da hatte ich doch die Sache mit der Rautetaste übersehen, um vollständig korrekt zu handeln hier nocheinmal.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015
Ran by batman (administrator) on BATMAN-PC on 12-05-2015 17:28:28
Running from C:\Users\batman\Downloads
Loaded Profiles: batman (Available profiles: batman)
Platform: Microsoft® Windows Vista™ Business Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accoca.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
(Infineon Technologies AG) C:\Windows\System32\IFXSPMGT.exe
(Infineon Technologies AG) C:\Windows\System32\IFXTCS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Infineon Technologies AG) C:\Windows\System32\IfxPsdSv.exe
(QUALCOMM, Inc.) C:\QUALCOMM\QDLService\QDLService.exe
(HP) C:\Program Files\HPQ\HP Connection Manager 1.1\bin\mdvsrv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(HP) C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbxApp.exe
(HP) C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbx4log.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Infineon Technologies AG) C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-20] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-03-27] (Synaptics, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [293168 2007-05-15] (ActivIdentity)
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [238896 2008-06-10] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] => rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [coreworks] => C:\Program Files\HPQ\HP Connection Manager 1.1\bin\gbxapp.exe [780776 2008-06-12] (HP)
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [318488 2008-05-12] (PDF Complete Inc)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [IFXSPMGT] => C:\Windows\system32\ifxspmgt.exe [1090840 2008-04-21] (Infineon Technologies AG)
HKLM\...\Run: [File Sanitizer] => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [10244096 2008-05-14] (Hewlett-Packard)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll [2008-04-21] (Hewlett-Packard Limited)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2990150964-2301804116-3630580375-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-2990150964-2301804116-3630580375-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2990150964-2301804116-3630580375-1000\...\MountPoints2: {20b9dad0-e5bf-11e3-a71c-806e6f6e6963} - D:\SWSETUP\APPINSTL\setup.exe
AppInit_DLLs: APSHook.dll => C:\Windows\system32\APSHook.dll [76048 2008-03-25] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk [2014-05-27]
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk [2014-05-27]
ShortcutTarget: DVD Check.lnk -> C:\Program Files\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: BHO_Startup Class -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14] (Hewlett-Packard)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-05-29] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-05-29] (Kaspersky Lab ZAO)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-06-02] (Bioscrypt Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-05-29] (Kaspersky Lab ZAO)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 195.50.140.116 195.50.140.180
FireFox:
========
FF ProfilePath: C:\Users\batman\AppData\Roaming\Mozilla\Firefox\Profiles\00gi6bdn.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-27]
FF HKLM\...\Firefox\Extensions: - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-05-29]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-29]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-05-29]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-05-29]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-05-29]
Chrome:
=======
CHR Profile: C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-12]
CHR Extension: (Google Drive) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-12]
CHR Extension: (YouTube) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-12]
CHR Extension: (Google Search) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-12]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-07-12]
CHR Extension: (Bookmark Manager) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Safe Money) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2014-07-12]
CHR Extension: (Dangerous Websites Blocker) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-07-12]
CHR Extension: (Virtual Keyboard) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-07-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-12]
CHR Extension: (Gmail) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-12]
CHR Extension: (Anti-Banner) - C:\Users\batman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-07-12]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-06-17]
CHR HKLM\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-06-17]
CHR HKLM\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-06-17]
CHR HKLM\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-06-17]
CHR HKLM\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-06-17]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 accoca; C:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576 2007-05-15] (ActivIdentity)
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWlnPkg.DLL [112400 2008-06-02] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [137488 2008-06-02] (Bioscrypt Inc.)
R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1176824 2008-05-15] (AuthenTec, Inc.)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2014-05-29] (Kaspersky Lab ZAO)
S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [349432 2008-04-21] (Hewlett-Packard Ltd)
R2 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [18944 2008-06-10] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256512 2008-06-05] (SafeBoot International)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [77824 2008-05-14] (Hewlett-Packard) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IFXSpMgtSrv; C:\Windows\system32\ifxspmgt.exe [1090840 2008-04-21] (Infineon Technologies AG)
R2 IFXTCS; C:\Windows\system32\ifxtcs.exe [980248 2008-03-21] (Infineon Technologies AG)
R2 mdvsrv; C:\Program Files\HPQ\HP Connection Manager 1.1\bin\mdvsrv.exe [575976 2008-06-12] (HP) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [576024 2008-05-12] (PDF Complete Inc)
R2 PersonalSecureDriveService; C:\Windows\system32\IfxPsdSv.exe [210200 2008-03-21] (Infineon Technologies AG)
R2 QDLService; C:\QUALCOMM\QDLService\QDLService.exe [345336 2008-06-09] (QUALCOMM, Inc.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [771456 2015-05-12] (Enigma Software Group USA, LLC.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [1287552 2008-03-21] (Broadcom Corporation)
R3 btaudio; C:\Windows\System32\drivers\btaudio.sys [539512 2008-05-14] (Broadcom Corporation.)
R3 BTDriver; C:\Windows\System32\DRIVERS\btport.sys [37424 2008-05-14] (Broadcom Corporation.)
R3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [879624 2008-05-14] (Broadcom Corporation.)
R3 BTWDNDIS; C:\Windows\System32\DRIVERS\btwdndis.sys [156392 2008-05-14] (Broadcom Corporation.)
R3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [74688 2008-05-14] (Broadcom Corporation.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32256 2008-04-09] (Hewlett-Packard Development Company L.P.)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [16432 2015-05-12] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-05-12] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-05-29] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [576608 2014-05-29] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2014-05-29] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25184 2014-05-29] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2014-05-29] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [144992 2014-05-29] (Kaspersky Lab ZAO)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [39712 2008-03-21] (Infineon Technologies AG)
S3 QCFilterhp; C:\Windows\System32\DRIVERS\qcfilterhp.sys [5248 2008-06-09] (QUALCOMM Incorporated)
S3 qcusbnethp; C:\Windows\System32\DRIVERS\qcusbnethp.sys [112640 2008-06-09] (QUALCOMM Incorporated)
S3 qcusbserhp; C:\Windows\System32\DRIVERS\qcusbserhp.sys [103680 2008-06-09] (QUALCOMM Incorporated)
R3 rismc32; C:\Windows\System32\DRIVERS\rismc32.sys [49152 2009-07-20] (RICOH Company, Ltd.)
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [12496 2008-06-05] (SafeBoot International)
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [109184 2008-06-05] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51376 2008-06-05] (SafeBoot N.V.)
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [12928 2008-06-05] (SafeBoot International)
U4 eabfiltr; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [94304 2014-05-29] (Kaspersky Lab ZAO)
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-12 17:28 - 2015-05-12 17:29 - 00022136 _____ () C:\Users\batman\Downloads\FRST.txt
2015-05-12 17:27 - 2015-05-12 17:28 - 00000000 ____D () C:\FRST
2015-05-12 17:24 - 2015-05-12 17:24 - 01141248 _____ (Farbar) C:\Users\batman\Downloads\FRST.exe
2015-05-12 14:29 - 2015-05-12 14:44 - 00000000 ____D () C:\Users\batman\Documents\Trobo
2015-05-12 14:29 - 2015-05-12 14:29 - 00000000 ____D () C:\Users\batman\Documents\Neuer Ordner (3)
2015-05-12 14:29 - 2015-05-12 14:29 - 00000000 ____D () C:\Users\batman\Documents\Neuer Ordner (2)
2015-05-12 08:23 - 2015-05-12 08:23 - 00000000 ____D () C:\Users\batman\AppData\Roaming\Enigma Software Group
2015-05-12 08:22 - 2015-05-12 08:22 - 00001075 _____ () C:\Users\batman\Desktop\SpyHunter.lnk
2015-05-12 08:21 - 2015-05-12 08:22 - 00000000 ____D () C:\sh4ldr
2015-05-12 08:20 - 2015-05-12 08:20 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-05-12 08:20 - 2015-05-12 08:20 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-06 12:27 - 2015-05-06 12:27 - 00072615 _____ () C:\Users\batman\Downloads\WEB.DE Club - E-Mail made in Germany 05.15.html
2015-05-06 12:27 - 2015-05-06 12:27 - 00000000 ____D () C:\Users\batman\Downloads\WEB.DE Club - E-Mail made in Germany 05.15_files
2015-05-05 09:56 - 2015-05-08 09:49 - 01129472 _____ () C:\Users\batman\Downloads\Anfragebuch 22.04.2015.xls
2015-04-28 10:06 - 2015-04-28 10:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-23 10:11 - 2015-04-24 14:38 - 00000000 ____D () C:\Users\batman\Documents\Monti-Schule
2015-04-22 12:01 - 2015-04-22 12:01 - 01128448 _____ () C:\Users\batman\Downloads\Anfragebuch 13.04.2015 (2).xls
2015-04-19 19:47 - 2015-04-19 19:47 - 00000911 _____ () C:\Users\batman\Downloads\Im Namen der Rose - 11.07.2015.ics
2015-04-17 17:34 - 2015-04-17 17:34 - 00020480 _____ () C:\Users\batman\Downloads\Verguetungspauschale.xls
2015-04-17 12:25 - 2015-04-17 12:25 - 01128448 _____ () C:\Users\batman\Downloads\Anfragebuch 13.04.2015 (1).xls
2015-04-16 03:27 - 2015-03-09 03:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-16 03:07 - 2015-03-05 04:32 - 00244152 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-16 03:07 - 2015-03-05 04:24 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-16 03:07 - 2015-03-05 04:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-16 03:06 - 2015-03-14 04:21 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-16 03:06 - 2015-03-13 03:51 - 03604920 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-16 03:06 - 2015-03-13 03:51 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 13:21 - 2015-04-15 13:21 - 02238600 _____ (Microsoft Corporation) C:\Users\batman\Downloads\DefaultPack.EXE.part
2015-04-15 13:15 - 2015-04-15 13:15 - 00685502 _____ () C:\Users\batman\Downloads\20141114 Bühnen- und Meilenstandorte_aktuell.pptx
2015-04-15 10:40 - 2015-03-10 01:06 - 12377600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 10:40 - 2015-03-10 01:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 10:40 - 2015-03-10 01:02 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 10:40 - 2015-03-10 01:00 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 10:40 - 2015-03-10 00:57 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 10:40 - 2015-03-10 00:57 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 10:40 - 2015-03-10 00:56 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 10:40 - 2015-03-10 00:56 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 10:40 - 2015-03-10 00:56 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 10:40 - 2015-03-10 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 10:40 - 2015-03-10 00:56 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-04-15 10:40 - 2015-03-10 00:56 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 10:40 - 2015-03-10 00:55 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 10:40 - 2015-03-10 00:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-04-15 10:40 - 2015-03-10 00:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-04-15 10:40 - 2015-03-10 00:55 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-04-14 07:29 - 2015-04-14 07:29 - 00880208 _____ (Google Inc.) C:\Users\batman\Downloads\GoogleEarthSetup (5).exe
2015-04-13 16:33 - 2015-04-13 16:33 - 00002017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-04-13 16:32 - 2015-04-13 16:32 - 00880208 _____ (Google Inc.) C:\Users\batman\Downloads\GoogleEarthSetup (4).exe
2015-04-13 16:31 - 2015-04-13 16:31 - 00880208 _____ (Google Inc.) C:\Users\batman\Downloads\GoogleEarthSetup (3).exe
2015-04-13 14:05 - 2015-04-13 14:05 - 01128448 _____ () C:\Users\batman\Downloads\Anfragebuch 13.04.2015.xls
2015-04-13 13:35 - 2015-04-13 13:35 - 01126400 _____ () C:\Users\batman\Downloads\Anfragebuch 24.03.2015 (1) (2).xls
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-12 17:22 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-12 17:22 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-12 17:19 - 2014-07-12 21:15 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-12 17:14 - 2014-05-29 13:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-12 17:04 - 2014-06-07 08:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-12 14:51 - 2008-01-21 03:39 - 01508035 _____ () C:\Windows\WindowsUpdate.log
2015-05-12 10:19 - 2014-07-12 21:15 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-12 08:22 - 2014-05-27 19:01 - 00000000 ____D () C:\Users\batman
2015-05-12 08:20 - 2006-11-02 12:33 - 01641918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-12 08:17 - 2006-11-02 14:52 - 00082588 _____ () C:\Windows\setupact.log
2015-05-09 13:26 - 2014-05-27 20:17 - 00000000 ____D () C:\ProgramData\hpqLog
2015-05-09 13:25 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-03 11:30 - 2014-05-27 23:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-03 11:30 - 2006-11-02 15:00 - 00087476 _____ () C:\Windows\PFRO.log
2015-05-01 05:24 - 2014-07-12 21:18 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 10:04 - 2015-04-09 13:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2015-04-17 20:59 - 2014-05-27 18:55 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-04-17 20:59 - 2006-11-02 15:01 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-16 03:27 - 2014-05-27 22:26 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 03:08 - 2006-11-02 12:24 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-04-15 07:05 - 2014-06-07 08:44 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 07:05 - 2014-06-07 08:44 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-13 16:33 - 2014-07-12 21:15 - 00000000 ____D () C:\Program Files\Google
==================== Files in the root of some directories =======
2014-05-27 20:29 - 2014-05-27 20:29 - 0000000 _____ () C:\Users\batman\AppData\Local\AtStart.txt
2014-05-27 19:01 - 2014-05-27 21:48 - 0000680 _____ () C:\Users\batman\AppData\Local\d3d9caps.dat
2014-06-30 11:03 - 2015-02-19 18:42 - 0018944 _____ () C:\Users\batman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-27 20:29 - 2014-05-27 20:29 - 0000000 _____ () C:\Users\batman\AppData\Local\DSwitch.txt
2014-05-27 20:45 - 2014-05-27 20:45 - 0000094 _____ () C:\Users\batman\AppData\Local\fusioncache.dat
2014-05-27 20:29 - 2014-05-27 20:29 - 0000000 _____ () C:\Users\batman\AppData\Local\QSwitch.txt
2014-10-23 01:15 - 2014-10-23 01:15 - 0000000 _____ () C:\Users\batman\AppData\Local\{1E60471E-60FE-480D-952C-BABF2776DA82}
2014-05-29 15:32 - 2014-05-29 15:32 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\batman\AppData\Local\Temp\_is1DEC.exe
C:\Users\batman\AppData\Local\Temp\_isA331.exe
C:\Users\batman\AppData\Local\Temp\_isE1B7.exe
C:\Users\batman\AppData\Local\Temp\_isE59D.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-09 13:36
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by batman at 2015-05-12 17:30:45
Running from C:\Users\batman\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2990150964-2301804116-3630580375-500 - Administrator - Disabled)
batman (S-1-5-21-2990150964-2301804116-3630580375-1000 - Administrator - Enabled) => C:\Users\batman
Gast (S-1-5-21-2990150964-2301804116-3630580375-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActivClient 6.1 x86 (Version: 6.01.00034 - ActivIdentity) Hidden
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
AuthenTec Fingerprint System (Version: 8.00.0000 - AuthenTec, Inc.) Hidden
Credential Manager for HP ProtectTools (Version: 4.0.4.1216.1 - Hewlett-Packard Company) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 3.0.0.6 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 4.0.6 - Hewlett-Packard) Hidden
Embedded Security for HP ProtectTools (HKLM\...\{ABE1ADEC-E87A-48F7-808B-18614054D7A0}) (Version: 5.5.000 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM\...\{789C97CE-9E17-4126-BDF4-11FF458BF705}) (Version: 1.0.0.19 - Hewlett-Packard)
FlightGear v3.0.0 (HKLM\...\FlightGear_is1) (Version: - The FlightGear Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HP Connection Manager 1.1 (HKLM\...\{AF0A8C4A-272D-479A-A2E4-07D17D5FC594}) (Version: 1.01.0002 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology (HKLM\...\{84814E6B-2581-46EC-926A-823BD1C670F6}) (Version: 5.1.0.4803 - HP)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{48C5B91E-E794-4179-9FBF-A9A1635B9F66}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP ProtectTools Security Manager Suite (HKLM\...\{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}) (Version: 04.00.03.0001 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guide Bluetooth Addendum 0062 (HKLM\...\{7FD8231E-3991-48D7-A2C8-2C42A7075FB1}) (Version: 1.01.0000 - Ihr Firmenname)
HP User Guides 0098 (HKLM\...\{7A1F9988-F56D-4D70-B759-3189B56EB1B2}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K1 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version: - )
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1256 - InterVideo Inc.)
Kaspersky Internet Security (HKLM\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 de) (HKLM\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2990150964-2301804116-3630580375-1000\...\MyFreeCodec) (Version: - )
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.30 - PDF Complete, Inc.)
Personalize Your PC (HKLM\...\{63C8FE88-478F-4E14-ADD0-B55227CC3234}) (Version: 1.00.0000 - Hewlett Packard)
Privacy Manager for HP ProtectTools (HKLM\...\{78584C1B-8F7B-4B24-80D1-02B309F67AB3}) (Version: 1.0.0.528 - Hewlett-Packard)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Qualcomm Gobi Driver Package for HP (HKLM\...\{27A49D47-ED7A-485E-9EF7-E606273EE816}) (Version: 1.0.6 - QUALCOMM)
Qualcomm Gobi Images for HP (HKLM\...\{77754C72-743C-47E6-9F72-85265BEFF493}) (Version: 1.0.9 - QUALCOMM)
RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.10.00.04 - RICOH)
RICOH R5C853 Media Driver Ver.1.02.00.06b (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 1.02.00.06 - RICOH)
Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SE305 (HKLM\...\SE305) (Version: - My Company)
SE305 (Version: 1.0.0 - ) Hidden
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
SpyHunter 4 (HKLM\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{81EFD067-B84F-423C-85BF-5CC11DFB0A3E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
Wochenplan-Trainingssoftware 1 (HKLM\...\Wochenplan-Trainingssoftware 1) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2990150964-2301804116-3630580375-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-2990150964-2301804116-3630580375-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\batman\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe (Macrovision Corporation)
==================== Restore Points =========================
01-05-2015 00:00:05 Geplanter Prüfpunkt
02-05-2015 07:30:22 Geplanter Prüfpunkt
03-05-2015 16:09:46 Geplanter Prüfpunkt
04-05-2015 07:54:45 Geplanter Prüfpunkt
05-05-2015 07:43:01 Geplanter Prüfpunkt
06-05-2015 12:59:01 Geplanter Prüfpunkt
08-05-2015 00:00:05 Geplanter Prüfpunkt
09-05-2015 16:17:52 Geplanter Prüfpunkt
10-05-2015 09:03:49 Geplanter Prüfpunkt
11-05-2015 05:58:16 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1D661447-16DA-4318-B498-1F6F7D28008F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {1E298D6D-AB18-4B31-88F0-3D331F401197} - System32\Tasks\{437EF059-ECC9-449B-83AE-F0CCC2D2EAFA} => pcalua.exe -a C:\Windows\system32\BTCPL.cpl
Task: {279E4804-8A36-472A-BE07-F858985F8F7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {3E1872BA-4960-4E95-8DC3-566CCE732734} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-12] (Google Inc.)
Task: {51F4097C-A54E-4B25-8A2F-3FD0AE985D32} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {7A365B9A-E9DC-4362-8E8B-20B87459BDFE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {A4BAB0BD-EA6C-4FEA-B217-3C110024DCBF} - System32\Tasks\{2876DEAB-A2F5-4F5E-B815-DB132A570DE8} => pcalua.exe -a E:\HP\sp48480.exe -d E:\HP
Task: {B651CAF7-871F-4290-AB25-641B28052FDD} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-05-12] (Enigma Software Group USA, LLC.)
Task: {E6AC21DD-BB20-445A-BCDE-662B8182DDDD} - System32\Tasks\{45D86C8F-CC24-4596-BA82-FC049B4A8D43} => pcalua.exe -a D:\SWSETUP\HPTOOLS\SETUP.EXE -d D:\SWSETUP\HPTOOLS
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2008-04-21 11:43 - 2008-04-21 11:43 - 00294912 _____ () C:\Windows\system32\flcdlmsg.dll
2008-06-12 13:19 - 2008-06-12 13:19 - 00223720 _____ () C:\Program Files\HPQ\HP Connection Manager 1.1\bin\HPBIOS.DLL
2008-05-12 14:49 - 2008-05-12 14:49 - 00040960 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-06-12 13:19 - 2008-06-12 13:19 - 03996136 _____ () c:\program files\hpq\hp connection manager 1.1\bin\connmgr.dll
2008-06-12 13:19 - 2008-06-12 13:19 - 03820008 _____ () c:\program files\hpq\hp connection manager 1.1\bin\hpcmif.dll
2014-05-30 09:18 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2015-01-22 14:21 - 2015-01-22 14:21 - 00183296 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\44ed7ad43057ad7ab34027c2ebc8f6d2\Kies.Common.DeviceServiceLib.Interface.ni.dll
2015-01-22 14:21 - 2015-01-22 14:21 - 14992896 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\b7ac337543fe9f08e68cb5c82ce2a31c\Kies.Theme.ni.dll
2015-01-22 14:20 - 2015-01-22 14:20 - 01834496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\66ba318f20218d4f013db30dfbc2a2a9\Kies.UI.ni.dll
2015-01-22 14:20 - 2015-01-22 14:20 - 00077824 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\5a05f3859ea41d7871e9df6a12baedc0\Kies.MVVM.ni.dll
2015-01-22 14:21 - 2015-01-22 14:21 - 00233472 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\de6a15348040911b2e63c8dbe3c77275\ASF_cSharpAPI.ni.dll
2008-05-12 14:51 - 2008-05-14 10:08 - 26259456 _____ () C:\Windows\system32\btwicons.dll
2009-07-01 15:44 - 2009-07-01 15:44 - 00632888 _____ () C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
2015-04-15 07:05 - 2015-04-15 07:05 - 16863920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll
2014-12-03 20:06 - 2014-12-03 20:06 - 00057856 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\Locale\de_de\brdlang32.DEU
2015-04-10 08:24 - 2015-04-19 09:46 - 09498624 _____ () C:\Users\batman\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2012-07-27 22:51 - 2012-07-27 22:51 - 06549432 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\authplay.dll
2014-06-30 12:58 - 2014-12-11 10:51 - 03066880 _____ () C:\Users\batman\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU
2014-12-03 20:06 - 2014-12-03 20:06 - 00305544 _____ () C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
2014-06-30 12:58 - 2014-12-11 10:51 - 00014336 _____ () C:\Users\batman\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2990150964-2301804116-3630580375-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Garden.jpg
DNS Servers: 192.168.2.1 - 195.50.140.116
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [{19CD42F9-9280-4538-86E6-E7D6B47CD8F7}] => (Allow) LPort=80
FirewallRules: [{28F14085-B7F5-4B31-A946-8DBC96333BE2}] => (Allow) LPort=80
FirewallRules: [{6AA5D7A4-B129-4745-8516-C45EC101EDE8}] => (Allow) LPort=80
FirewallRules: [{CB0DE5E5-E03A-437D-A411-E63356135164}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{99362739-68D5-4212-B3F7-9B3A987BC906}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{9746FE47-8DEA-4789-A6B5-4A038335FE6F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{0F0E7760-4A6E-4698-88C5-70B1B5D4CBCE}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{B919B073-0880-4F4B-9405-2089C128F379}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{EF6CA753-012C-43E0-92B4-B28CE6904F00}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0198A136-AC82-4AC8-87BE-1D54D7E7ECC2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{EF4D6576-19C6-444F-9986-DF44B8312C57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{52F5FF53-2CFF-45B1-B219-C121681CF9C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{65CADBFE-8903-4ADA-B551-48CB70FC4872}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/12/2015 01:58:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung AsGHost.exe, Version 3.0.0.64, Zeitstempel 0x48443907, fehlerhaftes Modul ItSSO.dll, Version 3.0.0.464, Zeitstempel 0x484439b8, Ausnahmecode 0xc0000005, Fehleroffset 0x0001f29a,
Prozess-ID 0x994, Anwendungsstartzeit AsGHost.exe0.
Error: (05/09/2015 01:30:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/05/2015 06:56:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/04/2015 07:06:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/03/2015 11:31:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/28/2015 07:24:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/27/2015 07:31:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/26/2015 08:01:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2015 08:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2015 07:32:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/12/2015 02:56:24 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/12/2015 02:44:30 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/12/2015 01:32:46 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/12/2015 08:19:54 AM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/11/2015 08:40:21 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/11/2015 07:58:44 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/11/2015 02:08:21 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 00247E326368 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%121. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/11/2015 05:57:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Netman
Error: (05/10/2015 10:08:36 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "Kommunikationsanschluss (COM1)" (ACPI\PNP0501\5&338c4d51&0) wurde ohne vorbereitende Maßnahmen vom System entfernt.
Error: (05/10/2015 09:03:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Schedule
Microsoft Office Sessions:
=========================
Error: (05/12/2015 01:58:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AsGHost.exe3.0.0.6448443907ItSSO.dll3.0.0.464484439b8c00000050001f29a99401d08aefc4263700
Error: (05/09/2015 01:30:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/05/2015 06:56:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/04/2015 07:06:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/03/2015 11:31:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/28/2015 07:24:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/27/2015 07:31:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/26/2015 08:01:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/25/2015 08:52:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/23/2015 07:32:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-05-12 17:29:29.819
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:29.325
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:28.878
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:28.430
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kneps.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:27.855
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:27.377
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:26.922
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:26.494
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\kltdi.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:25.941
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-12 17:29:25.491
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\klpd.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T9400 @ 2.53GHz
Percentage of memory in use: 70%
Total physical RAM: 2971.27 MB
Available physical RAM: 862.06 MB
Total Pagefile: 6169.26 MB
Available Pagefile: 3042.47 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:52.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (LEXAR) (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)
==================== End Of Log ============================
|
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
Emsisoft Emergency Kit herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
