
Log Analysis and Evaluation: Caught trojan bds zeroaccess.gen


 
01.02.2013, 13:36   #9
dennisfcb
 

Caught trojan bds zeroaccess.gen



Hello,

I have found some time after all.
Here is the result of the scan


Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-02-2013 03
Ran by SYSTEM at 01-02-2013 13:30:49
Running from I:\
Windows 7 Ultimate   (X64) OS Language: German Standard 
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated)
HKU\Dennis\...\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun [202296 2012-04-25] (Kaspersky Lab ZAO)
HKU\Dennis\...\Winlogon: [Shell] explorer.exe,C:\Users\Dennis\AppData\Roaming\skype.dat [56832 2011-11-17] ()
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$0fa14cb40e0202cf18556cd2710fa41f\n. ATTENTION! ====> ZeroAccess

==================== Services (Whitelisted) ===================

2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [86224 2012-05-09] (Avira Operations GmbH & Co. KG)
2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [110032 2012-05-09] (Avira Operations GmbH & Co. KG)
2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [465360 2012-05-09] (Avira Operations GmbH & Co. KG)
2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
2 KSS; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" -r [202296 2012-04-25] (Kaspersky Lab ZAO)
2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-05-23] ()
2 wDokanMounter; C:\Program Files (x86)\Wuala Dokan\mounter.exe [11776 2010-08-11] ()
2 sfrem01; C:\Windows\System32\sfrem01.exe svc [x]

==================== Drivers (Whitelisted) =====================

2 avgntflt; C:\Windows\System32\Drivers\avgntflt.sys [98848 2012-05-09] (Avira GmbH)
1 avipbb; C:\Windows\System32\Drivers\avipbb.sys [132832 2012-05-09] (Avira GmbH)
1 avkmgr; C:\Windows\System32\Drivers\avkmgr.sys [27760 2011-10-19] (Avira GmbH)
3 avmeject; C:\Windows\System32\Drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
1 cbfs3; C:\Windows\System32\Drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
3 FWLANUSB; C:\Windows\System32\Drivers\FWLANUSB.sys [460800 2009-03-20] (AVM GmbH)
0 sfsync04; C:\Windows\System32\Drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-22] (Duplex Secure Ltd.)
2 wDokan; C:\Windows\System32\Drivers\wDokan.sys [86392 2010-08-11] ()
3 ALSysIO; \??\C:\Users\Dennis\AppData\Local\Temp\ALSysIO64.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2013-01-30 16:23 - 2013-01-30 16:23 - 00001077 ____A C:\Users\Dennis\Desktop\Kaspersky Security Scan.lnk
2013-01-30 16:22 - 2013-01-30 16:22 - 00000000 ____D C:\Users\All Users\Kaspersky Lab
2013-01-30 16:22 - 2013-01-30 16:22 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-01-30 16:20 - 2013-01-30 16:20 - 00179984 ____A (Kaspersky Lab) C:\Users\Dennis\Desktop\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe
2013-01-30 14:46 - 2013-02-01 13:22 - 00000004 ____A C:\Users\Dennis\AppData\Roaming\skype.ini
2013-01-30 13:54 - 2013-01-30 13:54 - 00000618 ____A C:\Windows\PFRO.log
2013-01-29 17:41 - 2013-01-29 17:41 - 00000000 ____D C:\Users\Dennis\4.0
2013-01-29 17:41 - 2013-01-29 17:41 - 00000000 ____D C:\Users\Dennis\.tfo4
2013-01-29 17:38 - 2013-01-29 17:38 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-01-29 17:38 - 2013-01-29 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-01-26 18:50 - 2013-01-26 18:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-01-25 06:23 - 2013-01-25 06:23 - 00042880 ____A C:\Windows\SysWOW64\xfcodec.dll
2013-01-25 06:23 - 2013-01-25 06:23 - 00028544 ____A C:\Windows\System32\xfcodec64.dll
2013-01-19 16:38 - 2013-01-19 16:39 - 00000000 ____D C:\Users\Dennis\AppData\Local\Mozilla Firefox
2013-01-15 17:42 - 2013-01-04 16:53 - 09060864 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-01-15 17:42 - 2013-01-04 16:32 - 06029824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-01-11 16:54 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-01-11 16:54 - 2010-06-02 04:55 - 00239960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2013-01-11 16:54 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-01-11 16:54 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-01-11 16:54 - 2010-05-26 11:41 - 01998168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2013-01-11 16:54 - 2010-05-26 11:41 - 01868128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2013-01-11 16:54 - 2010-05-26 11:41 - 00470880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2013-01-11 16:54 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-01-11 16:44 - 2013-01-11 16:44 - 00002191 ____A C:\Users\Dennis\Desktop\Need for Speed Most Wanted.lnk
2013-01-11 16:42 - 2013-01-11 16:42 - 00000000 ____D C:\Program Files (x86)\hulumuluch
2013-01-10 17:27 - 2012-12-07 14:20 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
2013-01-10 17:27 - 2012-12-07 14:15 - 02746368 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
2013-01-10 17:27 - 2012-12-07 13:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-01-10 17:27 - 2012-12-07 13:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-01-10 17:27 - 2012-12-07 12:20 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
2013-01-10 17:27 - 2012-12-07 12:20 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
2013-01-10 17:27 - 2012-12-07 12:20 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
2013-01-10 17:27 - 2012-12-07 12:20 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
2013-01-10 17:27 - 2012-12-07 12:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
2013-01-10 17:27 - 2012-12-07 12:19 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
2013-01-10 17:27 - 2012-12-07 12:19 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
2013-01-10 17:27 - 2012-12-07 12:19 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
2013-01-10 17:27 - 2012-12-07 12:19 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
2013-01-10 17:27 - 2012-12-07 12:19 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00046592 ____A (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00045568 ____A (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00044544 ____A (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00043520 ____A (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00040960 ____A (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00030720 ____A (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00021504 ____A (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-01-10 17:27 - 2012-12-07 11:46 - 00015360 ____A (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-01-10 17:27 - 2012-11-22 06:44 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
2013-01-10 17:27 - 2012-11-22 05:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-01-10 17:27 - 2012-11-20 06:48 - 00307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-10 17:27 - 2012-11-20 05:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-01-10 17:27 - 2012-11-09 06:45 - 00750592 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-01-10 17:27 - 2012-11-09 05:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-01-10 17:27 - 2012-11-01 06:43 - 02002432 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-01-10 17:27 - 2012-11-01 06:43 - 01882624 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-01-10 17:27 - 2012-11-01 05:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-01-10 17:27 - 2012-11-01 05:47 - 01236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-01-10 17:26 - 2012-12-07 12:20 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
2013-01-10 17:26 - 2012-12-07 12:20 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
2013-01-10 17:26 - 2012-12-07 12:19 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
2013-01-10 17:26 - 2012-12-07 12:19 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
2013-01-10 17:26 - 2012-12-07 11:46 - 00055296 ____A (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-01-10 17:26 - 2012-12-07 11:46 - 00051712 ____A (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-01-10 17:26 - 2012-12-07 11:46 - 00023552 ____A (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-01-10 17:26 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-01-10 17:26 - 2012-11-30 06:45 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2013-01-10 17:26 - 2012-11-30 06:45 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2013-01-10 17:26 - 2012-11-30 06:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-01-10 17:26 - 2012-11-30 06:45 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2013-01-10 17:26 - 2012-11-30 06:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2013-01-10 17:26 - 2012-11-30 06:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-01-10 17:26 - 2012-11-30 06:41 - 00424448 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 06:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:54 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-01-10 17:26 - 2012-11-30 05:53 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-01-10 17:26 - 2012-11-30 05:53 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 04:23 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-01-10 17:26 - 2012-11-30 03:44 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-01-10 17:26 - 2012-11-30 03:44 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-01-10 17:26 - 2012-11-30 03:44 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-01-10 17:26 - 2012-11-30 03:44 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-01-10 17:26 - 2012-11-30 03:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 03:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 03:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 03:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-10 17:26 - 2012-11-30 00:17 - 00420064 ____A C:\Windows\SysWOW64\locale.nls
2013-01-10 17:26 - 2012-11-30 00:15 - 00420064 ____A C:\Windows\System32\locale.nls
2013-01-10 17:26 - 2012-11-23 04:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-10 17:26 - 2012-11-23 04:13 - 00068608 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-01-09 18:13 - 2013-01-29 18:08 - 00000000 ____D C:\Users\Dennis\Desktop\musik
2013-01-08 20:30 - 2013-02-01 13:22 - 00010360 ____A C:\Windows\setupact.log
2013-01-08 20:30 - 2013-01-08 20:30 - 00000000 ____A C:\Windows\setuperr.log


==================== One Month Modified Files and Folders =======

2013-02-01 13:28 - 2013-02-01 13:28 - 00000000 ____D C:\FRST
2013-02-01 13:22 - 2013-01-30 14:46 - 00000004 ____A C:\Users\Dennis\AppData\Roaming\skype.ini
2013-02-01 13:22 - 2013-01-08 20:30 - 00010360 ____A C:\Windows\setupact.log
2013-02-01 13:22 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-30 20:30 - 2011-02-10 11:36 - 02037232 ____A C:\Windows\WindowsUpdate.log
2013-01-30 19:47 - 2012-04-11 14:34 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-01-30 18:57 - 2011-09-05 20:46 - 00001142 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1027476448-1133028917-2562891829-1001UA.job
2013-01-30 18:57 - 2011-09-05 20:46 - 00001120 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1027476448-1133028917-2562891829-1001Core.job
2013-01-30 16:23 - 2013-01-30 16:23 - 00001077 ____A C:\Users\Dennis\Desktop\Kaspersky Security Scan.lnk
2013-01-30 16:22 - 2013-01-30 16:22 - 00000000 ____D C:\Users\All Users\Kaspersky Lab
2013-01-30 16:22 - 2013-01-30 16:22 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-01-30 16:20 - 2013-01-30 16:20 - 00179984 ____A (Kaspersky Lab) C:\Users\Dennis\Desktop\kss12.0.1.117mlg_en-de_ru-de_fr-de_de-de.exe
2013-01-30 15:39 - 2009-07-14 05:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-30 15:39 - 2009-07-14 05:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-30 15:38 - 2009-07-14 18:58 - 00654150 ____A C:\Windows\System32\perfh007.dat
2013-01-30 15:38 - 2009-07-14 18:58 - 00130022 ____A C:\Windows\System32\perfc007.dat
2013-01-30 15:38 - 2009-07-14 06:13 - 01498742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-30 15:16 - 2011-05-17 15:35 - 00000410 _RASH C:\Users\All Users\ntuser.pol
2013-01-30 13:54 - 2013-01-30 13:54 - 00000618 ____A C:\Windows\PFRO.log
2013-01-29 19:05 - 2011-11-20 18:38 - 00000072 ____A C:\Users\Public\LMDebug.log
2013-01-29 19:01 - 2010-10-22 12:35 - 00000000 ____D C:\Users\Dennis\AppData\Roaming\Adobe
2013-01-29 18:08 - 2013-01-09 18:13 - 00000000 ____D C:\Users\Dennis\Desktop\musik
2013-01-29 17:41 - 2013-01-29 17:41 - 00000000 ____D C:\Users\Dennis\4.0
2013-01-29 17:41 - 2013-01-29 17:41 - 00000000 ____D C:\Users\Dennis\.tfo4
2013-01-29 17:41 - 2010-10-21 17:36 - 00000000 ____D C:\users\Dennis
2013-01-29 17:39 - 2010-10-25 17:20 - 00000000 ____D C:\Users\All Users\Adobe
2013-01-29 17:38 - 2013-01-29 17:38 - 00002019 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-01-29 17:38 - 2013-01-29 17:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-01-29 17:37 - 2010-10-25 17:21 - 00000000 ____D C:\Users\Dennis\AppData\Local\Adobe
2013-01-27 23:04 - 2010-10-22 12:40 - 00000000 ____D C:\Users\Dennis\AppData\Roaming\Xfire
2013-01-27 15:27 - 2010-12-23 16:49 - 00000000 ____D C:\Users\Dennis\AppData\Roaming\Skype
2013-01-27 15:06 - 2010-10-23 13:29 - 00281768 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-01-27 15:06 - 2010-10-23 13:29 - 00281768 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-01-27 15:05 - 2010-10-23 13:29 - 00269288 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-01-27 14:53 - 2010-10-22 12:39 - 00000000 ____D C:\Users\All Users\Xfire
2013-01-26 18:50 - 2013-01-26 18:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-01-26 18:50 - 2010-12-23 16:49 - 00000000 ____D C:\Users\All Users\Skype
2013-01-26 12:43 - 2010-10-22 12:39 - 00000000 ____D C:\Program Files (x86)\Xfire
2013-01-25 06:23 - 2013-01-25 06:23 - 00042880 ____A C:\Windows\SysWOW64\xfcodec.dll
2013-01-25 06:23 - 2013-01-25 06:23 - 00028544 ____A C:\Windows\System32\xfcodec64.dll
2013-01-19 16:39 - 2013-01-19 16:38 - 00000000 ____D C:\Users\Dennis\AppData\Local\Mozilla Firefox
2013-01-19 15:07 - 2010-10-22 12:29 - 00000000 ____D C:\Users\Dennis\AppData\Roaming\ICQ
2013-01-15 17:36 - 2012-07-04 15:23 - 00000000 ____D C:\Users\Dennis\Desktop\Die Drei Fragezeichen
2013-01-14 18:45 - 2010-10-25 08:57 - 00000000 ____D C:\Users\Dennis\AppData\Roaming\Media Player Classic
2013-01-11 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-01-11 16:55 - 2010-11-19 13:38 - 00000000 ____D C:\Users\Dennis\Documents\Criterion Games
2013-01-11 16:44 - 2013-01-11 16:44 - 00002191 ____A C:\Users\Dennis\Desktop\Need for Speed Most Wanted.lnk
2013-01-11 16:42 - 2013-01-11 16:42 - 00000000 ____D C:\Program Files (x86)\hulumuluch
2013-01-11 15:43 - 2009-07-14 05:45 - 00413624 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-10 22:17 - 2010-10-22 16:07 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-01-10 22:09 - 2010-11-17 11:27 - 67599240 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-01-10 21:58 - 2010-12-23 22:31 - 00000000 ____D C:\Users\Dennis\AppData\Roaming\TeamViewer
2013-01-10 20:51 - 2012-10-11 23:25 - 00000000 ____D C:\Users\Dennis\Desktop\Der Herr der Ringe
2013-01-10 17:47 - 2012-04-11 14:34 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-01-10 17:47 - 2011-05-18 21:43 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-01-08 20:30 - 2013-01-08 20:30 - 00000000 ____A C:\Windows\setuperr.log
2013-01-04 16:53 - 2013-01-15 17:42 - 09060864 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-01-04 16:32 - 2013-01-15 17:42 - 06029824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll


ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1027476448-1133028917-2562891829-1001\$0fa14cb40e0202cf18556cd2710fa41f

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$0fa14cb40e0202cf18556cd2710fa41f

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2012-11-11 20:07:08
Restore point made on: 2012-11-15 23:35:27
Restore point made on: 2012-11-20 20:23:08
Restore point made on: 2012-11-27 17:56:21
Restore point made on: 2012-11-27 18:03:30
Restore point made on: 2012-11-28 21:59:57
Restore point made on: 2012-12-04 17:36:05
Restore point made on: 2012-12-10 12:32:06
Restore point made on: 2012-12-12 19:06:45
Restore point made on: 2012-12-20 15:35:56
Restore point made on: 2012-12-22 01:29:44
Restore point made on: 2013-01-05 18:45:27
Restore point made on: 2013-01-08 21:46:08
Restore point made on: 2013-01-10 22:06:42
Restore point made on: 2013-01-11 16:54:23
Restore point made on: 2013-01-15 17:40:28
Restore point made on: 2013-01-15 19:33:00
Restore point made on: 2013-01-18 14:32:44
Restore point made on: 2013-01-23 17:23:56
Restore point made on: 2013-01-29 17:23:35
Restore point made on: 2013-01-30 15:25:16
Restore point made on: 2013-01-30 15:31:20
Restore point made on: 2013-01-30 17:34:16

==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 4094.3 MB
Available physical RAM: 3506.66 MB
Total Pagefile: 4092.45 MB
Available Pagefile: 3484.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:576.16 GB) (Free:327.15 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (RECOVER) (Fixed) (Total:20 GB) (Free:9.97 GB) FAT32
7 Drive i: (XORO_PVR) (Fixed) (Total:74.5 GB) (Free:19.95 GB) FAT32
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Datenträger ###  Status         Größe    Frei     Dyn  GPT
  ---------------  -------------  -------  -------  ---  ---
  Datenträger 0    Online          596 GB  1024 KB         
  Datenträger 1    Kein Medium        0 B      0 B         
  Datenträger 2    Kein Medium        0 B      0 B         
  Datenträger 3    Kein Medium        0 B      0 B         
  Datenträger 4    Online           74 GB  7168 KB         

Partitions of Disk 0:
===============

Datenträger-ID: D38534DE

  Partition ###  Typ               Größe    Offset
  -------------  ----------------  -------  -------
  Partition 1    Primär             576 GB  1024 KB
  Partition 0    Erweitert           20 GB   576 GB
  Partition 2    Logisch             20 GB   576 GB

==================================================================================

Disk: 0
Partition 1
Typ      : 07
Versteckt: Nein
Aktiv    : Ja

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C                NTFS   Partition    576 GB  Fehlerfre          

=========================================================

Disk: 0
Partition 2
Typ      : 0B
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     D   RECOVER      FAT32  Partition     20 GB  Fehlerfre          

=========================================================

Disk: 0
Partition 2
Typ      : 0B
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     D   RECOVER      FAT32  Partition     20 GB  Fehlerfre          

=========================================================

Partitions of Disk 4:
===============

Datenträger-ID: 874FC960

  Partition ###  Typ               Größe    Offset
  -------------  ----------------  -------  -------
  Partition 0    Erweitert           74 GB  8032 KB
  Partition 1    Logisch             74 GB  8064 KB

==================================================================================

Disk: 4
Partition 1
Typ      : 0B
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 6     I   XORO_PVR     FAT32  Partition     74 GB  Fehlerfre          

=========================================================

Disk: 4
Partition 1
Typ      : 0B
Versteckt: Nein
Aktiv    : Nein

  Volume ###  Bst  Bezeichnung  DS     Typ         Größe    Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 6     I   XORO_PVR     FAT32  Partition     74 GB  Fehlerfre          

=========================================================

Last Boot: 2013-01-24 19:56

==================== End Of Log =============================
         

 




