Log analysis and evaluation: Fresh internet, lags for a few seconds at intervals of minutes (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
07.08.2013, 09:51 | #1 |
| Fresh internet, lags for a few seconds at intervals of minutes Good morning dear community, I have had the new Tele 2 connection for 1 day. So far I am happy that there is internet at all, but there are usually "freezes", which are noticeable in online games and when watching videos. These occur at intervals of minutes and last about 2 - 6 seconds. After that everything runs normally again. But it is not nice. I don't know in what ways I could optimize it, i.e. what improvements I can make. Maybe someone here can help me? Thanks in advance. |
07.08.2013, 10:21 | #2 |
/// the machine /// TB trainer | Fresh internet, lags for a few seconds at intervals of minutes hi,
__________________
Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Please download Farbar's MiniToolBox to your desktop and start the tool. Tick the following entries
__________________ |
07.08.2013, 15:59 | #3 |
| Fresh internet, lags for a few seconds at intervals of minutes
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-08-2013 Ran by Administrator (administrator) on 07-08-2013 15:28:49 Running from C:\Users\Administrator\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (ATI Technologies Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated) HKCU\...\Run: [EPSON SX420W Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S5B0B.tmp" /EF "HKCU" [x] HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-05] (DT Soft Ltd) MountPoints2: {5d1f6732-f7aa-11e2-9d75-84e0c3121e9e} - J:\YDKJAutorun.exe HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) IMEO\AcroRd32.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\backitup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\coverdes.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\discspeed.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\drivespeed.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\excel.exe: [Debugger] 
"C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\groove.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\infopath.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\infotool.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\msaccess.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\msoxmled.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\mspub.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\mstore.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\nero.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\neroburnrights.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\neromediahome.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\neroscoutoptions.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\nerostartsmart.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\neroupgrade.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\nerovision.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\offdiag.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\ois.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\onenote.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\outlook.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\powerpnt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\recode.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\setupx.exe: 
[Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\showtime.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\waveedit.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IMEO\winword.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" ==================== Internet (Whitelisted) ==================== URLSearchHook: (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms} SearchScopes: HKCU - {767F539A-4BAA-46BB-B7B7-C72B6980BDD9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms} BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll (Symantec Corporation) BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL (Symantec Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU -No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKCU -No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default FF user.js: detected! 
=> C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\user.js FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\searchplugins\daemon-search.xml FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF HKLM\...\Firefox\Extensions: 
[{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) S4 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [380928 2010-01-08] (Spigot, Inc.) R2 NIS; C:\Program Files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll [135032 2010-04-30] (Symantec Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1699168 2012-09-19] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R0 AFS; C:\Windows\System32\Drivers\AFS.sys [77004 2010-08-22] (Oak Technology Inc.) 
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [97296 2010-11-17] (Advanced Micro Devices) R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-07-15] (Symantec Corporation) R1 ccHP; C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys [501888 2010-02-26] (Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2013-07-28] (DT Soft Ltd) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-08-06] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-08-06] (Symantec Corporation) S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. ) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130806.001\IDSvix86.sys [386720 2013-08-04] (Symantec Corporation) S3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2010-06-25] (Intel Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130806.019\NAVENG.SYS [93272 2013-08-06] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130806.019\NAVEX15.SYS [1611992 2013-08-06] (Symantec Corporation) R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH) R3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [1690784 2013-02-06] (Ralink Technology, Corp.) R3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [348160 2009-10-14] (NETGEAR Inc. 
) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-09-24] () R1 SRTSP; C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation) S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [58320 2005-08-30] (MCCI) R0 SymDS; C:\Windows\System32\drivers\NIS\1107000.00C\SYMDS.SYS [328752 2009-08-30] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NIS\1107000.00C\SYMEFA.SYS [173104 2010-04-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2013-07-02] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS [339504 2010-05-06] (Symantec Corporation) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software) R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) 
S3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [91527 2005-02-26] (VM) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S0 Lbd; system32\DRIVERS\Lbd.sys [x] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S0 TfFsMon; system32\drivers\TfFsMon.sys [x] S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x] S0 TfSysMon; system32\drivers\TfSysMon.sys [x] U2 wuaserv; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-07 15:26 - 2013-08-07 15:26 - 00002217 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk 2013-08-07 12:01 - 2013-08-07 12:01 - 00000000 ____D C:\FRST 2013-08-07 11:58 - 2013-08-07 11:59 - 01229076 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe 2013-08-07 11:58 - 2013-08-07 11:58 - 00760937 _____ (Farbar) C:\Users\Administrator\Downloads\MiniToolBox.exe 2013-08-07 10:11 - 2007-05-09 14:06 - 00000052 _____ C:\Users\Administrator\Desktop\Starten.bat 2013-08-07 10:11 - 2007-05-09 14:00 - 00000051 _____ C:\Users\Administrator\Desktop\Stoppen.bat 2013-08-06 21:04 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-06 21:04 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-06 21:04 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-06 21:04 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-06 21:04 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-06 21:04 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-06 21:04 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-06 
21:04 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-06 21:04 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-06 21:04 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-06 21:04 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-06 21:04 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-06 21:04 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-06 21:04 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-06 21:04 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-06 21:04 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-06 19:55 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-08-06 19:55 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-06 19:55 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-06 19:55 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-06 19:55 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-08-06 19:55 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 
00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-08-06 19:55 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-08-06 19:55 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-08-06 19:55 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-08-06 19:55 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-08-06 19:54 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-08-06 19:54 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-06 19:54 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-08-06 19:54 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-08-06 19:54 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-08-06 19:36 - 2009-10-14 09:07 - 00348160 _____ (NETGEAR Inc. 
) C:\Windows\system32\Drivers\wg111v3.sys 2013-07-28 21:42 - 2013-07-28 22:04 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:56 - 2005-09-06 15:31 - 00258352 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll 2013-07-28 20:56 - 2005-09-06 15:29 - 00921600 _____ C:\Windows\system32\vorbisenc.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00237568 _____ () C:\Windows\system32\OggDS.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00188416 _____ C:\Windows\system32\vorbis.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00045056 _____ C:\Windows\system32\ogg.dll 2013-07-28 20:56 - 2005-09-06 15:23 - 01712128 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:20 - 2013-07-28 20:33 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:15 - 2013-07-28 20:16 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk ==================== One Month Modified Files and Folders ======= 2013-08-07 15:26 - 2013-08-07 15:26 - 00002217 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk 2013-08-07 15:26 - 2013-07-02 20:27 - 00000000 ____D C:\Windows\system32\Drivers\NIS 2013-08-07 15:26 - 2013-01-23 23:18 - 00842972 _____ C:\Windows\PFRO.log 2013-08-07 15:26 - 2010-06-25 13:39 - 00000000 ____D C:\Program Files\Steam 2013-08-07 15:26 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-07 15:26 - 2006-11-02 14:47 - 00003264 ____H 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-07 15:26 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-07 12:02 - 2010-06-25 11:07 - 01194973 _____ C:\Windows\WindowsUpdate.log 2013-08-07 12:02 - 2006-11-02 15:01 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-07 12:01 - 2013-08-07 12:01 - 00000000 ____D C:\FRST 2013-08-07 11:59 - 2013-08-07 11:58 - 01229076 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe 2013-08-07 11:58 - 2013-08-07 11:58 - 00760937 _____ (Farbar) C:\Users\Administrator\Downloads\MiniToolBox.exe 2013-08-07 11:44 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-07 11:31 - 2012-07-24 16:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-07 08:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-07 08:05 - 2010-06-28 22:18 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Adobe 2013-08-07 08:04 - 2012-07-24 16:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-07 08:04 - 2012-07-24 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-07 08:03 - 2006-11-02 12:33 - 01489310 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-07 07:58 - 2006-11-02 14:47 - 00396600 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-07 07:55 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-08-07 07:55 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-06 21:19 - 2011-02-03 00:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-06 20:56 - 2010-10-26 23:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-08-06 20:55 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-08-06 19:36 - 2010-06-25 12:36 - 00000000 ____D C:\Users\Administrator 2013-07-29 10:56 - 2010-06-25 15:19 - 
00016896 _____ C:\Users\ADMINI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-07-29 10:56 - 2010-06-25 15:19 - 00000069 _____ C:\Windows\NeroDigital.ini 2013-07-28 22:04 - 2013-07-28 21:42 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:33 - 2013-07-28 20:20 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:16 - 2013-07-28 20:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2013-07-28 20:12 - 2011-01-12 00:07 - 00000000 ____D C:\Program Files\Common Files\SWF Studio 2013-07-12 17:00 - 2011-06-13 15:48 - 02310300 _____ C:\Users\Administrator\Documents\a.dst Files to move or delete: ==================== C:\Users\Administrator\jagex_cl_runescape_LIVE.dat C:\Users\Administrator\jagex_cl_runescape_LIVE1.dat C:\Users\Administrator\jagex_cl_runescape_LIVE_BETA.dat C:\Users\Administrator\jagex_runescape_preferences.dat C:\Users\Administrator\jagex_runescape_preferences2.dat C:\Users\Administrator\jagex__preferences3.dat C:\Users\Administrator\random.dat ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit 
LastRegBack: 2013-08-07 08:02 ==================== End Of Log ============================ --- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-08-2013 Ran by Administrator at 2013-08-07 15:29:34 Running from C:\Users\Administrator\Downloads Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.16 beta ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212) Adobe Flash Player 11 ActiveX (Version: 11.7.700.224) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader X (10.1.6) - Deutsch (Version: 10.1.6) Adobe Shockwave Player 11.5 (Version: 11.5.8.612) AMD APP SDK Runtime (Version: 2.4.595.1) Apple Application Support (Version: 1.4.1) Apple Software Update (Version: 2.1.1.116) ASUS VGA Driver (Version: 3.0.0.1) ATI AVIVO Codecs (Version: 11.6.0.10309) ATI Catalyst Install Manager (Version: 3.0.820.0) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center (Version: 2011.0309.2206.39672) Catalyst Control Center InstallProxy (Version: 2011.0309.2206.39672) Catalyst Control Center Localization All (Version: 2011.0309.2206.39672) Catalyst Control Center Profiles Desktop (Version: 2011.0309.2206.39672) CCC Help German (Version: 2011.0309.2205.39672) ccc-utility (Version: 2011.0309.2206.39672) CCleaner (Version: 2.35) Company of Heroes - FAKEMSI (Version: 2.0.0.0) Company of Heroes (Version: 2.602.0) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Counter-Strike: Source DAEMON Tools Lite (Version: 4.40.1.0127) DHTML Editing Component (Version: 6.02.0001) DivX-Setup (Version: 2.3.0.20) Dropbox (HKCU Version: 1.6.13) Epson Easy Photo Print 2 (Version: 2.2.0.0) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000) Epson Event Manager (Version: 2.40.0001) EPSON Scan EPSON SX420W Series Handbuch EPSON SX420W Series Netzwerk-Handbuch EPSON SX420W Series Printer Uninstall EpsonNet Print (Version: 2.4i) EpsonNet Setup 
3.2 (Version: 3.2a) Free Audio CD Burner version 1.4.7 Free Mp3 Wma Converter V 1.9 (Version: 1.9.0.0) Free Videos To DVD V 3.2.0 (Version: 3.2.0.0) Free YouTube to MP3 Converter version 3.9.32 HP Speicher-Disc (Version: 1.0.4.805) HydraVision (Version: 4.2.188.0) Intel(R) PRO Network Connections 12.2.41.0 (Version: 12.2.41.0) Japanese Fonts Support For Adobe Reader 8 (Version: 8.0) Java Auto Updater (Version: 2.0.7.2) Java(TM) 6 Update 37 (Version: 6.0.370) Media Go Video Playback Engine 1.32.102.05130 (Version: 1.32.102.05130) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000) 
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322) Mozilla Firefox 21.0 (x86 de) (Version: 21.0) Mozilla Maintenance Service (Version: 21.0) MSVCRT (Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Nero 8 Essentials (Version: 8.3.500) neroxml (Version: 1.0.0) Norton Internet Security (Version: 17.7.0.12) NVIDIA Install Application (Version: 2.265.36.0) NVIDIA PhysX (Version: 9.10.0514) NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514) Paint.NET v3.5.6 (Version: 3.56.0) PBP Unpacker v0.94 Pcsx2 0.9.6 (Version: 
1.0.0) PlayStation(R)Network Downloader (Version: 2.03.00126) PlayStation(R)Store (Version: 3.2.11.09227) QuickTime (Version: 7.69.80.9) Realtek High Definition Audio Driver (Version: 6.0.1.5470) Search Settings v1.2.3 Security Task Manager 1.8d (Version: 1.8d) Sony Vegas Pro 8.0 (Version: 8.0.217) SPC 200NC PC Camera Steam (Version: 1.0.0.0) System Requirements Lab System Requirements Lab CYRI (Version: 4.5.1.0) TuneUp Utilities 2013 (Version: 13.0.2020.4) TuneUp Utilities Language Pack (de-DE) (Version: 13.0.2020.4) Ultimate Pinball Challenge Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0) Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01) VLC media player 1.1.7 (Version: 1.1.7) WinAce Archiver (Version: 2.69) Winamp (Version: 5.63 ) Winamp Detector 
Plug-in (HKCU Version: 1.0.0.1) Windows Live Anmelde-Assistent (Version: 5.000.818.5) Windows Live Call (Version: 14.0.8117.0416) Windows Live Communications Platform (Version: 14.0.8117.416) Windows Live Essentials (Version: 14.0.8117.0416) Windows Live Essentials (Version: 14.0.8117.416) Windows Live-Uploadtool (Version: 14.0.8014.1029) X10 Hardware(TM) You Don't Know Jack 4 1.00 (Version: 1.00) ==================== Restore Points ========================= 24-03-2013 16:34:52 Windows Update 11-04-2013 13:28:24 Windows Update 11-04-2013 18:11:52 Windows Update 15-04-2013 11:03:11 Windows Update 15-05-2013 12:19:55 Windows Update 15-05-2013 14:18:26 Windows Update 02-07-2013 18:02:49 Removed Facebook Video Calling 1.2.0.287 02-07-2013 18:03:29 OpenOffice.org 3.2 wird entfernt 28-07-2013 18:16:05 Gerätetreiber-Paketinstallation: Disc-Soft Systemgeräte 06-08-2013 17:36:32 Gerätetreiber-Paketinstallation: NETGEAR Inc. Netzwerkadapter 06-08-2013 18:54:50 Windows Update ==================== Hosts content: ========================== 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {194F008F-102C-4B47-B6DD-BB70E7873DD3} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2759149398-2283779644-1834780198-500 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {34024775-9B25-48D4-AF08-DA9A19BA6391} - System32\Tasks\User_Feed_Synchronization-{2088D931-66F3-4532-8CFA-7ECA0BE7253B} => C:\Windows\system32\msfeedssync.exe [2011-06-06] (Microsoft Corporation) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: 
{495B6E3E-D8FD-453C-9249-BC9F9F4B297A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500UA => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.) Task: {5288FC4A-01A4-4185-83EC-F91BE6A5172B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {531E3A58-FD98-45D6-853C-209A023C591B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software) Task: {55C6E582-2636-4DE5-AD4F-07ACB9E59692} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation) Task: {60D3AFDA-F4EE-4C12-ABED-E752C6E9F06B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-07] (Adobe Systems Incorporated) Task: {945CE2DA-645D-4342-953C-E3D159A3660D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.) 
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation) Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {B2768D68-623C-48B8-9EE8-7226DB09EA3A} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03] (Adobe Systems Incorporated) Task: {C6B9BDA7-4542-487A-8988-E066A52F2463} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-06-25] () Task: {E9DFF417-CBD9-45D0-B6BD-8097732E9E4F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17] (Sun Microsystems, Inc.) Task: {F4F91970-6E17-46C8-B031-512AB21BB6D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.) Task: {FDE860E7-D2C8-4714-8D4B-0435CCC68321} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500Core => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500Core.job => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500UA.job => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Faulty Device Manager Devices ============= Name: 6TO4 Adapter Description: Microsoft-6zu4-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: 6TO4 Adapter Description: Microsoft-6zu4-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Description: Microsoft-ISATAP-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (08/06/2013 07:38:10 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". 
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/25/2013 05:09:23 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x00066422, Prozess-ID 0x934, Anwendungsstartzeit TuneUpUtilitiesService32.exe0. Error: (07/11/2013 08:44:41 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/02/2013 08:06:28 PM) (Source: RasClient) (User: ) Description: CoID={0174F388-B8D1-4F86-BB27-98B285EF4FD5}: Der Benutzer "Bwuk\Administrator" hat eine Verbindung mit dem Namen "T-ONLINE" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 815. Error: (05/23/2013 01:51:38 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung firefox.exe, Version 20.0.1.4847, Zeitstempel 0x51650aee, fehlerhaftes Modul xul.dll, Version 20.0.1.4847, Zeitstempel 0x51650a09, Ausnahmecode 0xc0000005, Fehleroffset 0x000b10e8, Prozess-ID 0xf98, Anwendungsstartzeit firefox.exe0. 
Error: (05/16/2013 09:13:33 AM) (Source: .NET Runtime Optimization Service) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed. . Error: (05/15/2013 04:37:09 PM) (Source: .NET Runtime Optimization Service) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil because of the following error: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (Exception from HRESULT: 0x80070020). Error: (05/15/2013 04:17:14 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung firefox.exe, Version 20.0.1.4847, Zeitstempel 0x51650aee, fehlerhaftes Modul xul.dll, Version 20.0.1.4847, Zeitstempel 0x51650a09, Ausnahmecode 0xc0000005, Fehleroffset 0x000b10e8, Prozess-ID 0x1508, Anwendungsstartzeit firefox.exe0. Error: (04/15/2013 01:56:12 PM) (Source: Application Hang) (User: ) Description: Programm ccSvcHst.exe, Version 109.0.4.9 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: c60 Anfangszeit: 01ce39c7a5737e3a Zeitpunkt der Beendigung: 15 Error: (02/09/2013 05:57:55 PM) (Source: MsiInstaller) (User: Bwuk) Description: Produkt: Adobe Reader X (10.1.5) - Deutsch - Update "Adobe Reader X (10.1.5)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 System errors: ============= Error: (08/07/2013 03:26:55 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/07/2013 00:02:26 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/07/2013 07:58:38 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/06/2013 08:54:10 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/06/2013 07:13:15 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/03/2013 11:39:28 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/03/2013 10:56:45 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/03/2013 08:25:24 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/03/2013 08:02:09 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (07/30/2013 08:44:52 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-07-02 20:28:03.690 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-02 20:28:03.564 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-07-02 20:28:03.438 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-02 20:28:03.300 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.649 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.513 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.371 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.245 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-01-13 10:03:37.335 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-01-13 10:03:37.211 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 57% Total physical RAM: 2045.45 MB Available physical RAM: 877 MB Total Pagefile: 4333.92 MB Available Pagefile: 2814.92 MB Total Virtual: 2047.88 MB Available Virtual: 1911.39 MB ==================== Drives ================================ Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:279.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:1.19 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 24B9B06A) Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended) ==================== End Of Log ============================
I think you surely do not mean "Reset IE Proxy Settings" in the 5th line, but "FF" instead of "IE", because that is where, on that assumption, I set the check mark.
Code:
ATTFilter MiniToolBox by Farbar Version: 13-07-2013 Ran by Administrator (administrator) on 07-08-2013 at 15:35:44 Running from "C:\Users\Administrator\Downloads" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= ::1 localhost 127.0.0.1 localhost ========================= IP Configuration: ================================ NETGEAR WG111v3 Wireless-G USB Adapter = Drahtlosnetzwerkverbindung 2 (Connected) Intel(R) 82562V-2 10/100 Network Connection = LAN-Verbindung (Media disconnected) 802.11 n/g/b Wireless LAN USB Adapter = Drahtlosnetzwerkverbindung (Media disconnected) # ---------------------------------- # IPv4-Konfiguration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled popd # Ende der IPv4-Konfiguration Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : Bwuk Primäres DNS-Suffix . . . . . . . : Knotentyp . . . . . . . . . . . . : Gemischt IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : lan Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2: Verbindungsspezifisches DNS-Suffix: lan Beschreibung. . . . . . . . . . . : NETGEAR WG111v3 Wireless-G USB Adapter Physikalische Adresse . . . . . . : 00-1E-2A-45-7A-57 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . 
: fe80::3559:c210:dd27:d096%36(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 192.168.1.1(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Mittwoch, 7. August 2013 15:26:50 Lease läuft ab. . . . . . . . . . : Donnerstag, 8. August 2013 15:26:50 Standardgateway . . . . . . . . . : 192.168.1.254 DHCP-Server . . . . . . . . . . . : 192.168.1.254 DHCPv6-IAID . . . . . . . . . . . : 687873578 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-13-B6-3A-D7-00-1D-92-26-6B-78 DNS-Server . . . . . . . . . . . : 192.168.1.254 NetBIOS über TCP/IP . . . . . . . : Aktiviert Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : 802.11 n/g/b Wireless LAN USB Adapter Physikalische Adresse . . . . . . : 00-15-AF-44-6B-99 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Ethernet-Adapter LAN-Verbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Speedport_W_502V_Typ_A Beschreibung. . . . . . . . . . . : Intel(R) 82562V-2 10/100 Network Connection Physikalische Adresse . . . . . . : 00-1D-92-26-6B-78 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 6: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.Speedport_W_502V_Typ_A Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 7: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physikalische Adresse . . . . . . : 02-00-54-55-4E-01 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . 
: Ja Tunneladapter LAN-Verbindung* 11: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 19: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : 6TO4 Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 22: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 23: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : 6TO4 Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 24: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 26: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . 
: Ja Tunneladapter LAN-Verbindung* 27: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 28: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 29: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 31: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : isatap.{B2F2364E-BFD8-414C-B944-0533B6F89083} Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 32: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : 6TO4 Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung* 33: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: lan Beschreibung. . . . . . . . . . . : isatap.lan Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . 
: Ja Server: dsldevice.lan Address: 192.168.1.254 Name: google.com Addresses: 2a00:1450:400f:801::1008 173.194.32.34 173.194.32.35 173.194.32.36 173.194.32.37 173.194.32.38 173.194.32.39 173.194.32.40 173.194.32.41 173.194.32.46 173.194.32.32 173.194.32.33 Ping wird ausgeführt für google.com [173.194.32.41] mit 32 Bytes Daten: Antwort von 173.194.32.41: Bytes=32 Zeit=45ms TTL=50 Antwort von 173.194.32.41: Bytes=32 Zeit=44ms TTL=50 Ping-Statistik für 173.194.32.41: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 44ms, Maximum = 45ms, Mittelwert = 44ms Server: dsldevice.lan Address: 192.168.1.254 Name: yahoo.com Addresses: 98.138.253.109 98.139.183.24 206.190.36.45 Ping wird ausgeführt für yahoo.com [206.190.36.45] mit 32 Bytes Daten: Antwort von 206.190.36.45: Bytes=32 Zeit=186ms TTL=49 Antwort von 206.190.36.45: Bytes=32 Zeit=201ms TTL=48 Ping-Statistik für 206.190.36.45: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 186ms, Maximum = 201ms, Mittelwert = 193ms Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten: Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Ping-Statistik für 127.0.0.1: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms =========================================================================== Schnittstellenliste 36 ...00 1e 2a 45 7a 57 ...... NETGEAR WG111v3 Wireless-G USB Adapter 33 ...00 15 af 44 6b 99 ...... 802.11 n/g/b Wireless LAN USB Adapter 8 ...00 1d 92 26 6b 78 ...... Intel(R) 82562V-2 10/100 Network Connection 1 ........................... Software Loopback Interface 1 35 ...00 00 00 00 00 00 00 e0 isatap.Speedport_W_502V_Typ_A 9 ...02 00 54 55 4e 01 ...... 
Teredo Tunneling Pseudo-Interface 15 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 19 ...00 00 00 00 00 00 00 e0 6TO4 Adapter 24 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 23 ...00 00 00 00 00 00 00 e0 6TO4 Adapter 25 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 27 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 28 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 29 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 30 ...00 00 00 00 00 00 00 e0 isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} 34 ...00 00 00 00 00 00 00 e0 isatap.{B2F2364E-BFD8-414C-B944-0533B6F89083} 32 ...00 00 00 00 00 00 00 e0 6TO4 Adapter 37 ...00 00 00 00 00 00 00 e0 isatap.lan =========================================================================== IPv4-Routentabelle =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.1 25 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 192.168.1.0 255.255.255.0 Auf Verbindung 192.168.1.1 281 192.168.1.1 255.255.255.255 Auf Verbindung 192.168.1.1 281 192.168.1.255 255.255.255.255 Auf Verbindung 192.168.1.1 281 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306 224.0.0.0 240.0.0.0 Auf Verbindung 192.168.1.1 281 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.1.1 281 =========================================================================== Ständige Routen: Keine IPv6-Routentabelle =========================================================================== Aktive Routen: If Metrik Netzwerkziel Gateway 1 306 ::1/128 Auf Verbindung 36 281 fe80::/64 Auf Verbindung 36 281 
fe80::3559:c210:dd27:d096/128 Auf Verbindung 1 306 ff00::/8 Auf Verbindung 36 281 ff00::/8 Auf Verbindung =========================================================================== St„ndige Routen: Keine ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation) Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation) Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation) Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation) Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation) Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 17 
C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (08/06/2013 07:38:10 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (07/25/2013 05:09:23 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x00066422, Prozess-ID 0x934, Anwendungsstartzeit TuneUpUtilitiesService32.exe0. Error: (07/11/2013 08:44:41 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (07/02/2013 08:06:28 PM) (Source: RasClient) (User: ) Description: CoID={0174F388-B8D1-4F86-BB27-98B285EF4FD5}: Der Benutzer "Bwuk\Administrator" hat eine Verbindung mit dem Namen "T-ONLINE" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 815. Error: (05/23/2013 01:51:38 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung firefox.exe, Version 20.0.1.4847, Zeitstempel 0x51650aee, fehlerhaftes Modul xul.dll, Version 20.0.1.4847, Zeitstempel 0x51650a09, Ausnahmecode 0xc0000005, Fehleroffset 0x000b10e8, Prozess-ID 0xf98, Anwendungsstartzeit firefox.exe0. Error: (05/16/2013 09:13:33 AM) (Source: .NET Runtime Optimization Service) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . 
The error returned was Error: The specified assembly is not installed. . Error: (05/15/2013 04:37:09 PM) (Source: .NET Runtime Optimization Service) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil because of the following error: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. (Exception from HRESULT: 0x80070020). Error: (05/15/2013 04:17:14 PM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung firefox.exe, Version 20.0.1.4847, Zeitstempel 0x51650aee, fehlerhaftes Modul xul.dll, Version 20.0.1.4847, Zeitstempel 0x51650a09, Ausnahmecode 0xc0000005, Fehleroffset 0x000b10e8, Prozess-ID 0x1508, Anwendungsstartzeit firefox.exe0. Error: (04/15/2013 01:56:12 PM) (Source: Application Hang) (User: ) Description: Programm ccSvcHst.exe, Version 109.0.4.9 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: c60 Anfangszeit: 01ce39c7a5737e3a Zeitpunkt der Beendigung: 15 Error: (02/09/2013 05:57:55 PM) (Source: MsiInstaller) (User: Bwuk) Description: Produkt: Adobe Reader X (10.1.5) - Deutsch - Update "Adobe Reader X (10.1.5)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 System errors: ============= Error: (08/07/2013 03:26:55 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/07/2013 00:02:26 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/07/2013 07:58:38 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/06/2013 08:54:10 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/06/2013 07:13:15 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/03/2013 11:39:28 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/03/2013 10:56:45 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/03/2013 08:25:24 AM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (08/03/2013 08:02:09 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (07/30/2013 08:44:52 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-07-02 20:28:03.690 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-02 20:28:03.564 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-07-02 20:28:03.438 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-07-02 20:28:03.300 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.649 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.513 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.371 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-04-22 07:18:46.245 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-01-13 10:03:37.335 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-01-13 10:03:37.211 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Symantec\TEMP.^^^\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. =========================== Installed Programs ============================ Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.16 beta ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212) Adobe Flash Player 11 ActiveX (Version: 11.7.700.224) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader X (10.1.6) - Deutsch (Version: 10.1.6) Adobe Shockwave Player 11.5 (Version: 11.5.8.612) AMD APP SDK Runtime (Version: 2.4.595.1) Apple Application Support (Version: 1.4.1) Apple Software Update (Version: 2.1.1.116) ASUS VGA Driver (Version: 3.0.0.1) ATI AVIVO Codecs (Version: 11.6.0.10309) ATI Catalyst Install Manager (Version: 3.0.820.0) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center (Version: 2011.0309.2206.39672) Catalyst Control Center InstallProxy (Version: 2011.0309.2206.39672) Catalyst Control Center Localization All (Version: 2011.0309.2206.39672) Catalyst Control Center Profiles Desktop (Version: 2011.0309.2206.39672) CCC Help German (Version: 2011.0309.2205.39672) ccc-utility (Version: 2011.0309.2206.39672) CCleaner (Version: 2.35) Company of Heroes - FAKEMSI (Version: 2.0.0.0) Company of Heroes (Version: 2.602.0) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Counter-Strike: Source DAEMON Tools Lite (Version: 4.40.1.0127) DHTML Editing Component (Version: 6.02.0001) DivX-Setup (Version: 2.3.0.20) Dropbox (Version: 1.6.13) Epson Easy Photo Print 2 (Version: 2.2.0.0) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000) Epson Event Manager (Version: 2.40.0001) EPSON Scan EPSON SX420W Series Handbuch EPSON SX420W Series Netzwerk-Handbuch EPSON SX420W Series Printer Uninstall EpsonNet Print (Version: 2.4i) EpsonNet 
Setup 3.2 (Version: 3.2a) Free Audio CD Burner version 1.4.7 Free Mp3 Wma Converter V 1.9 (Version: 1.9.0.0) Free Videos To DVD V 3.2.0 (Version: 3.2.0.0) Free YouTube to MP3 Converter version 3.9.32 HP Speicher-Disc (Version: 1.0.4.805) HydraVision (Version: 4.2.188.0) Intel(R) PRO Network Connections 12.2.41.0 (Version: 12.2.41.0) Japanese Fonts Support For Adobe Reader 8 (Version: 8.0) Java Auto Updater (Version: 2.0.7.2) Java(TM) 6 Update 37 (Version: 6.0.370) Media Go Video Playback Engine 1.32.102.05130 (Version: 1.32.102.05130) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 
12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322) Mozilla Firefox 21.0 (x86 de) (Version: 21.0) Mozilla Maintenance Service (Version: 21.0) MSVCRT (Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Nero 8 Essentials (Version: 8.3.500) neroxml (Version: 1.0.0) Norton Internet Security (Version: 17.7.0.12) NVIDIA Install Application (Version: 2.265.36.0) NVIDIA PhysX (Version: 9.10.0514) NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514) Paint.NET v3.5.6 (Version: 3.56.0) PBP Unpacker v0.94 Pcsx2 
0.9.6 (Version: 1.0.0) PlayStation(R)Network Downloader (Version: 2.03.00126) PlayStation(R)Store (Version: 3.2.11.09227) QuickTime (Version: 7.69.80.9) Realtek High Definition Audio Driver (Version: 6.0.1.5470) Search Settings v1.2.3 Security Task Manager 1.8d (Version: 1.8d) Sony Vegas Pro 8.0 (Version: 8.0.217) SPC 200NC PC Camera Steam (Version: 1.0.0.0) System Requirements Lab System Requirements Lab CYRI (Version: 4.5.1.0) TuneUp Utilities 2013 (Version: 13.0.2020.4) TuneUp Utilities Language Pack (de-DE) (Version: 13.0.2020.4) Ultimate Pinball Challenge Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0) Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01) VLC media player 1.1.7 (Version: 1.1.7) WinAce Archiver (Version: 2.69) Winamp (Version: 5.63 ) 
Winamp Detector Plug-in (Version: 1.0.0.1) Windows Live Anmelde-Assistent (Version: 5.000.818.5) Windows Live Call (Version: 14.0.8117.0416) Windows Live Communications Platform (Version: 14.0.8117.416) Windows Live Essentials (Version: 14.0.8117.0416) Windows Live Essentials (Version: 14.0.8117.416) Windows Live-Uploadtool (Version: 14.0.8014.1029) X10 Hardware(TM) You Don't Know Jack 4 1.00 (Version: 1.00) ========================= Memory info: =================================== Percentage of memory in use: 55% Total physical RAM: 2045.45 MB Available physical RAM: 904.13 MB Total Pagefile: 4333.92 MB Available Pagefile: 2921.35 MB Total Virtual: 2047.88 MB Available Virtual: 1934.65 MB ========================= Partitions: ===================================== 1 Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:279.27 GB) NTFS 2 Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:1.19 GB) FAT32 ========================= Users: ======================================== Benutzerkonten fr \\BWUK Administrator ASPNET Gast Der Befehl wurde erfolgreich ausgefhrt. ========================= Minidump Files ================================== No minidump file found **** End of log **** |
07.08.2013, 20:24 | #4 | |
/// the machine /// TB Trainer | Fresh internet connection, lags for a few seconds at minute intervals
Uninstall TuneUp > junk
Uninstall Norton completely > junk
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.
Note: If you get the following error message after the restart
Quote:
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
07.08.2013, 21:52 | #5 |
| Fresh internet connection, lags for a few seconds at minute intervals
Code:
ATTFilter ComboFix 13-08-07.01 - Administrator 07.08.2013 22:35:28.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2045.778 [GMT 2:00] ausgeführt von:: c:\users\Administrator\Desktop\ComboFix.exe AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\DSC05832.JPG c:\program files\Search Settings c:\program files\Search Settings\FF\chrome.manifest c:\program files\Search Settings\FF\chrome\content\plugin.js c:\program files\Search Settings\FF\chrome\content\plugin.xul c:\program files\Search Settings\FF\chrome\content\protection.js c:\program files\Search Settings\FF\chrome\content\utils.js c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties c:\program files\Search Settings\FF\components\IFBHOSearch.xpt c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt c:\program files\Search Settings\FF\install.rdf c:\users\Administrator\AppData\Roaming\Local c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\4.ddi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\546736P7u37l37p37.3F7i67c37t37i7o76n.1994.avi.ddr c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\6.ddi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\7.ddi 
c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\caa3cf7123aaacf44a3364769dab710d.ddr c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\f355df14bd658e158147a97864d319d3.avi.ddr c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\FILE4C9777EE618F4.plong.ddr c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Forrest.Gump.German.1994.DVDRiP.XViD.iNTERNAL_NOiR_1.avi.ddr c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(4).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(5).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(6).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(7).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(8).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(9).ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\546736P7u37l37p37.3F7i67c37t37i7o76n.1994.avi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\caa3cf7123aaacf44a3364769dab710d c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f355df14bd658e158147a97864d319d3.avi c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\FILE4C9777EE618F4.plong c:\users\Administrator\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded 
Files\Forrest.Gump.German.1994.DVDRiP.XViD.iNTERNAL_NOiR_1.avi.ddp . . ((((((((((((((((((((((( Dateien erstellt von 2013-07-07 bis 2013-08-07 )))))))))))))))))))))))))))))) . . 2013-08-07 20:42 . 2013-08-07 20:42 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-07 13:37 . 2013-08-07 20:23 -------- d-----w- c:\windows\system32\drivers\NIS\1108000.005 2013-08-07 10:01 . 2013-08-07 10:01 -------- d-----w- C:\FRST 2013-08-06 17:55 . 2013-05-08 04:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-06 17:54 . 2013-04-17 11:28 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2013-08-06 17:54 . 2013-04-17 11:28 1029120 ----a-w- c:\windows\system32\d3d10.dll 2013-08-06 17:54 . 2013-04-17 10:34 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2013-08-06 17:54 . 2013-04-17 10:14 683008 ----a-w- c:\windows\system32\d2d1.dll 2013-08-06 17:54 . 2013-06-01 04:06 505344 ----a-w- c:\windows\system32\qedit.dll 2013-08-06 17:54 . 2013-05-08 04:04 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-06 17:54 . 2013-04-17 12:30 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-08-06 17:54 . 2013-04-09 03:51 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-08-06 17:54 . 2013-04-09 03:52 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-08-06 17:54 . 2013-04-09 03:51 983552 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-08-06 17:54 . 2013-04-09 03:51 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-08-06 17:36 . 2009-10-14 07:07 348160 ----a-w- c:\windows\system32\drivers\wg111v3.sys 2013-07-28 19:42 . 2013-07-28 20:04 -------- d-----w- c:\users\Administrator\AppData\Local\Microsoft Games 2013-07-28 18:56 . 2005-09-06 13:29 921600 ----a-w- c:\windows\system32\vorbisenc.dll 2013-07-28 18:56 . 2005-09-06 13:28 188416 ----a-w- c:\windows\system32\vorbis.dll 2013-07-28 18:56 . 2005-09-06 13:28 45056 ----a-w- c:\windows\system32\ogg.dll 2013-07-28 18:56 . 
2005-09-06 13:28 237568 ----a-w- c:\windows\system32\OggDS.dll 2013-07-28 18:56 . 2005-09-06 13:31 258352 ----a-w- c:\windows\system32\unicows.dll 2013-07-28 18:56 . 2005-09-06 13:23 1712128 ----a-w- c:\windows\system32\GdiPlus.dll 2013-07-28 18:56 . 2013-07-28 18:56 -------- d-----w- c:\program files\rondomedia 2013-07-28 18:20 . 2013-07-28 18:33 -------- d-----w- c:\program files\You Don't Know Jack 4 2013-07-28 18:16 . 2013-07-28 18:16 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-07-28 18:15 . 2013-07-28 18:16 -------- d-----w- c:\program files\DAEMON Tools Lite . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-07 06:04 . 2012-07-24 14:02 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-08-07 06:04 . 2012-07-24 14:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-07-02 18:27 . 2013-07-02 18:28 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05 1305408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-09 336384] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^hp psc 2000 Series.lnk] backup=c:\windows\pss\hp psc 2000 Series.lnk.CommonStartup backupExtension=.CommonStartup . 
[HKLM\~\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] path=c:\users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk backup=c:\windows\pss\Dropbox.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath] 2004-06-09 13:37 40960 ----a-w- c:\windows\VM_STI.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager] 2010-12-08 21:15 63360 ----a-w- c:\program files\DivX\DivX Plus Web Player\DDMService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-01-10 23:25 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2009-12-03 08:12 976320 ----a-w- c:\program files\Epson Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] 2012-09-19 17:54 138096 ----atw- c:\users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-19 07:38 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BigDogPath"=c:\windows\VM_STI.EXE Philips SPC 200NC PC Camera . S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhalt des "geplante Tasks" Ordners . 2013-08-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-24 06:04] . 2012-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500Core.job - c:\users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19 17:54] . 2012-11-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500UA.job - c:\users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19 17:54] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = my.daemon-search.com IE: Free YouTube to MP3 Converter - c:\users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - ExtSQL: 2013-07-02 20:28; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn FF - ExtSQL: 2013-08-07 15:26; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn FF - ExtSQL: !HIDDEN! 2010-06-26 12:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2013-08-07 22:42 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.8.0.5\diMaster.dll\" /prefetch:1" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (Administrator) "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=hex:51,66,7a,6c,4c,1d,3b,1b,18,c1,34, 88,61,c1,6a,03,b6,c8,68,9f,92,ed,03,b9 "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,3b,1b,f3,f3,fe, 63,27,39,22,07,87,d0,b5,f0,9f,0a,04,d5 "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,3b,1b,f1,06,41, 36,c8,09,0e,02,b7,a1,85,e9,65,6f,0f,8e "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,3b,1b,21,82,10, e3,64,9e,45,0a,a0,39,dc,a9,2b,97,18,1c "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,3b,1b,6f,c2,ff, a1,5b,90,bb,55,a3,ef,4a,e0,cb,4b,f8,10 "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"=hex:51,66,7a,6c,4c,1d,3b,1b,8f,82,91, 1a,e9,9a,32,09,a7,7f,32,0b,7f,2a,ad,ac "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,6a,7b, 2e,bc,13,96,02,83,14,5e,09,a6,d6,d8,eb "{593DDEC6-7468-4CDD-90E1-42DADAA222E9}"=hex:51,66,7a,6c,4c,1d,3b,1b,d6,c2,28, 45,56,26,b6,08,8f,e3,08,9a,d8,e3,6f,f6 "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,3b,1b,1e,c7,3f, 7c,c1,18,7c,06,95,a3,df,9a,c6,9e,e9,17 "{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,3b,1b,94,f0,46, 71,90,38,ec,03,b1,ec,be,22,8d,40,4c,13 "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,3b,1b,ab,8b,01, 6a,ce,84,47,02,a9,e9,9e,9a,f3,98,60,5c "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,dd, c7,7b,f6,30,07,a3,76,d6,65,c3,84,c5,b6 . 
[HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (Administrator) "Timestamp"=hex:48,5a,65,e2,e8,5c,cd,01 . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,90,1a,6d,dc,51,e6,43,ac,71,c9,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,48,90,1a,6d,dc,51,e6,43,ac,71,c9,\ . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AIFF" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.aiff" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASF" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASX" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.au" . 
[HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice] @Denied: (2) (Administrator) "Progid"="divx_avi_file" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.CDA" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.div\UserChoice] @Denied: (2) (Administrator) "Progid"="divx_div_file" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice] @Denied: (2) (Administrator) "Progid"="divx_divx_file" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\UserChoice] @Denied: (2) (Administrator) "Progid"="Applications\\WINWORD.EXE" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.M3U" . 
[HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MID" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MIDI" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice] @Denied: (2) (Administrator) "Progid"="divx_mkv_file" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.mod" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice] @Denied: (2) (Administrator) "Progid"="QuickTime.mov" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MP2" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MP3" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.MP4" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . 
[HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.MPEG" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdn\UserChoice] @Denied: (2) (Administrator) "Progid"="Paint.NET.1" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.RMI" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\UserChoice] @Denied: (2) (Administrator) "Progid"="Word.RTF.8" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice] @Denied: (2) (Administrator) "Progid"="FirefoxHTML" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.AU" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix\UserChoice] @Denied: (2) (Administrator) "Progid"="divx_tix_file" . 
[HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.wav" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WAX" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASF" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice] @Denied: (2) (Administrator) "Progid"="Winamp.File.WMA" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WMV" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.ASX" . [HKEY_USERS\S-1-5-21-2759149398-2283779644-1834780198-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice] @Denied: (2) (Administrator) "Progid"="WMP11.AssocFile.WVX" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'Explorer.exe'(4820) c:\users\Administrator\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . Zeit der Fertigstellung: 2013-08-07 22:45:08 ComboFix-quarantined-files.txt 2013-08-07 20:45 . Vor Suchlauf: 23 Verzeichnis(se), 299.493.617.664 Bytes frei Nach Suchlauf: 27 Verzeichnis(se), 298.436.476.928 Bytes frei . - - End Of File - - 5FFAE3E1C28C3DE43DDA64C483A9975B 5C616939100B85E558DA92B899A0FC36
Which security program should I use, then? The preinstalled Windows Defender? |
08.08.2013, 11:28 | #6 |
/// the machine /// TB trainer | Fresh internet connection, lags for a few seconds at minute intervals Emsisoft or Avast. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ |
08.08.2013, 12:26 | #7 |
| Fresh internet connection, lags for a few seconds at minute intervals Malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.08.08.03 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Administrator :: BWUK [Administrator] 08.08.2013 12:48:08 mbam-log-2013-08-08 (12-48-08).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 220143 Laufzeit: 11 Minute(n), 24 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\Administrator\Downloads\Keygen(1).exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v2.306 - Datei am 08/08/2013 um 13:04:17 erstellt # Aktualisiert am 19/07/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzer : Administrator - BWUK # Bootmodus : Normal # Ausgeführt unter : C:\Users\Administrator\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\searchplugins\daemon-search.xml Ordner Gelöscht : C:\Program Files\Application Updater Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB Ordner Gelöscht : C:\Program Files\Conduit Ordner Gelöscht : C:\Program Files\DAEMON Tools Toolbar Ordner Gelöscht : C:\Users\Administrator\AppData\Local\PackageAware Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\boost_interprocess Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\Search Settings Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Conduit ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKLM\Software\Application Updater Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} 
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9-4AD6-A73A-064175988EAB} Schlüssel Gelöscht : HKLM\Software\Search Settings Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16496 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = my.daemon-search.com --> hxxp://www.google.com -\\ Mozilla Firefox v21.0 (de) Datei : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\prefs.js C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\user.js ... Gelöscht ! [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [3259 octets] - [08/08/2013 13:03:25] AdwCleaner[S1].txt - [397 octets] - [08/08/2013 13:03:14] AdwCleaner[S2].txt - [3174 octets] - [08/08/2013 13:04:17] ########## EOF - C:\AdwCleaner[S2].txt - [3234 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.3.8 (08.07.2013:4) OS: Windows Vista (TM) Home Premium x86 Ran by Administrator on 08.08.2013 at 13:18:19,19 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\trolltech ~~~ Files Successfully deleted: [File] C:\Windows\system32\sho191F.tmp Successfully deleted: [File] C:\Windows\system32\sho2464.tmp Successfully deleted: [File] C:\Windows\system32\sho2B3.tmp Successfully deleted: [File] C:\Windows\system32\sho4669.tmp Successfully deleted: [File] C:\Windows\system32\sho4A7C.tmp Successfully deleted: [File] C:\Windows\system32\sho4E22.tmp Successfully deleted: [File] C:\Windows\system32\sho62E1.tmp Successfully deleted: [File] C:\Windows\system32\sho6393.tmp Successfully deleted: [File] C:\Windows\system32\sho6F4A.tmp Successfully deleted: [File] C:\Windows\system32\sho7A21.tmp Successfully deleted: [File] C:\Windows\system32\sho7AAC.tmp Successfully deleted: [File] C:\Windows\system32\sho96C5.tmp Successfully deleted: [File] C:\Windows\system32\sho9E83.tmp Successfully deleted: [File] C:\Windows\system32\sho9E94.tmp Successfully deleted: [File] C:\Windows\system32\shoA816.tmp Successfully deleted: [File] C:\Windows\system32\shoABB0.tmp Successfully deleted: [File] C:\Windows\system32\shoC94E.tmp Successfully deleted: [File] C:\Windows\system32\shoD6F1.tmp Successfully deleted: [File] C:\Windows\system32\shoDC02.tmp Successfully deleted: [File] C:\Windows\system32\shoE54.tmp Successfully deleted: [File] C:\Windows\system32\shoF4AE.tmp Successfully deleted: [File] C:\Windows\system32\shoF9D1.tmp Successfully deleted: [File] C:\Windows\system32\shoFC2B.tmp ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Administrator\AppData\Roaming\mozilla\firefox\profiles\54nyztts.default\minidumps [71 files] ~~~ Event Viewer Logs were 
cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08.08.2013 at 13:20:45,13 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013 Ran by Administrator (administrator) on 08-08-2013 13:24:51 Running from C:\Users\Administrator\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (AMD) C:\Windows\system32\atieclxx.exe (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (ATI Technologies Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-05] (DT Soft Ltd) HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {767F539A-4BAA-46BB-B7B7-C72B6980BDD9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation) BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL (Symantec Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) 
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU -No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File Toolbar: HKCU -Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll (Symantec Corporation) DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=1.6.0_37 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - 
c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ FF Extension: Norton IPS - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6 ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 NIS; C:\Program Files\Norton Internet Security\Engine\17.9.0.12\diMaster.dll [135032 2010-04-30] (Symantec Corporation) ==================== Drivers (Whitelisted) ==================== R0 AFS; C:\Windows\System32\Drivers\AFS.sys [77004 2010-08-22] (Oak Technology Inc.) 
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [97296 2010-11-17] (Advanced Micro Devices) R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-07-15] (Symantec Corporation) R1 ccHP; C:\Windows\system32\drivers\NIS\1109000.00C\ccHPx86.sys [485512 2011-08-04] (Symantec Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2013-07-28] (DT Soft Ltd) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2013-08-06] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-08-06] (Symantec Corporation) S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. ) R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20130807.001\IDSvix86.sys [386720 2013-08-04] (Symantec Corporation) S3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2010-06-25] (Intel Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130807.022\NAVENG.SYS [93272 2013-08-06] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20130807.022\NAVEX15.SYS [1611992 2013-08-06] (Symantec Corporation) R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH) R3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [1690784 2013-02-06] (Ralink Technology, Corp.) R3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [348160 2009-10-14] (NETGEAR Inc. 
) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-09-24] () R1 SRTSP; C:\Windows\System32\Drivers\NIS\1109000.00C\SRTSP.SYS [325680 2010-04-22] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NIS\1109000.00C\SRTSPX.SYS [43696 2010-04-22] (Symantec Corporation) S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [58320 2005-08-30] (MCCI) R0 SymDS; C:\Windows\System32\drivers\NIS\1109000.00C\SYMDS.SYS [328752 2009-08-30] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NIS\1109000.00C\SYMEFA.SYS [173176 2011-08-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [124976 2013-07-02] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NIS\1109000.00C\Ironx86.SYS [116784 2010-04-29] (Symantec Corporation) R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1109000.00C\SYMTDIV.SYS [340088 2011-08-22] (Symantec Corporation) R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) 
S3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [91527 2005-02-26] (VM) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 catchme; \??\C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S0 Lbd; system32\DRIVERS\Lbd.sys [x] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S0 TfFsMon; system32\drivers\TfFsMon.sys [x] S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x] S0 TfSysMon; system32\drivers\TfSysMon.sys [x] U2 wuaserv; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-08 13:23 - 2013-08-08 13:23 - 01229980 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2013-08-08 13:20 - 2013-08-08 13:20 - 00002285 _____ C:\Users\Administrator\Desktop\JRT.txt 2013-08-08 13:18 - 2013-08-08 13:18 - 00000000 ____D C:\Windows\ERUNT 2013-08-08 13:04 - 2013-08-08 13:04 - 00003303 _____ C:\AdwCleaner[S2].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00003259 _____ C:\AdwCleaner[R1].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00000397 _____ C:\AdwCleaner[S1].txt 2013-08-08 12:52 - 2013-08-08 12:56 - 00957230 _____ (Oleg N. 
Scherbakov) C:\Users\Administrator\Desktop\JRT.exe 2013-08-08 12:46 - 2013-08-08 12:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 12:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-08 12:45 - 2013-08-08 13:16 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-08 12:45 - 2013-08-08 12:45 - 00666633 _____ C:\Users\Administrator\Desktop\adwcleaner.exe 2013-08-08 12:44 - 2013-08-08 12:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-07 22:45 - 2013-08-07 22:45 - 00027750 _____ C:\ComboFix.txt 2013-08-07 22:32 - 2013-08-07 22:45 - 00000000 ____D C:\ComboFix 2013-08-07 22:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-07 22:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-07 22:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-07 22:29 - 2013-08-07 22:45 - 00000000 ____D C:\Qoobox 2013-08-07 22:27 - 2013-08-07 22:43 - 00000000 ____D C:\Windows\erdnt 2013-08-07 22:26 - 2013-08-07 22:26 - 05100713 _____ (Swearware) C:\Users\Administrator\Downloads\ComboFix(1).exe 2013-08-07 22:17 - 2013-08-07 22:18 - 05100713 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe 
2013-08-07 15:35 - 2013-08-07 15:36 - 00033782 _____ C:\Users\Administrator\Downloads\Result.txt 2013-08-07 15:31 - 2013-08-07 15:31 - 00028763 _____ C:\Users\Administrator\Downloads\FRST.txt 2013-08-07 15:29 - 2013-08-07 15:31 - 00023718 _____ C:\Users\Administrator\Downloads\Addition.txt 2013-08-07 15:26 - 2013-08-08 13:06 - 00002217 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk 2013-08-07 12:01 - 2013-08-07 12:01 - 00000000 ____D C:\FRST 2013-08-07 11:58 - 2013-08-07 11:58 - 00760937 _____ (Farbar) C:\Users\Administrator\Downloads\MiniToolBox.exe 2013-08-07 10:11 - 2007-05-09 14:06 - 00000052 _____ C:\Users\Administrator\Desktop\Starten.bat 2013-08-07 10:11 - 2007-05-09 14:00 - 00000051 _____ C:\Users\Administrator\Desktop\Stoppen.bat 2013-08-06 21:04 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-06 21:04 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-06 21:04 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-06 21:04 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-06 21:04 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-06 21:04 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-06 21:04 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-06 21:04 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-06 21:04 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-06 21:04 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-06 21:04 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-06 21:04 - 2013-05-29 03:35 - 
00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-06 21:04 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-06 21:04 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-06 21:04 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-06 21:04 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-06 19:55 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-08-06 19:55 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-06 19:55 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-06 19:55 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-06 19:55 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-08-06 19:55 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-08-06 19:55 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-08-06 19:55 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-08-06 19:55 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-08-06 19:55 - 2013-04-17 12:33 - 00486400 _____ 
(Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-08-06 19:54 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-08-06 19:54 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-06 19:54 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-08-06 19:54 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-08-06 19:54 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-08-06 19:36 - 2009-10-14 09:07 - 00348160 _____ (NETGEAR Inc. 
) C:\Windows\system32\Drivers\wg111v3.sys 2013-07-28 21:42 - 2013-07-28 22:04 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:56 - 2005-09-06 15:31 - 00258352 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll 2013-07-28 20:56 - 2005-09-06 15:29 - 00921600 _____ C:\Windows\system32\vorbisenc.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00237568 _____ () C:\Windows\system32\OggDS.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00188416 _____ C:\Windows\system32\vorbis.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00045056 _____ C:\Windows\system32\ogg.dll 2013-07-28 20:56 - 2005-09-06 15:23 - 01712128 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:20 - 2013-07-28 20:33 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:15 - 2013-07-28 20:16 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk ==================== One Month Modified Files and Folders ======= 2013-08-08 13:23 - 2013-08-08 13:23 - 01229980 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2013-08-08 13:20 - 2013-08-08 13:20 - 00002285 _____ C:\Users\Administrator\Desktop\JRT.txt 2013-08-08 13:18 - 2013-08-08 13:18 - 00000000 ____D C:\Windows\ERUNT 2013-08-08 13:17 - 2010-06-25 11:07 - 01307445 _____ C:\Windows\WindowsUpdate.log 2013-08-08 13:16 - 2013-08-08 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-08 13:16 - 2012-07-03 08:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-08 
13:06 - 2013-08-07 15:26 - 00002217 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk 2013-08-08 13:06 - 2013-07-02 20:27 - 00000000 ____D C:\Windows\system32\Drivers\NIS 2013-08-08 13:06 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-08 13:06 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-08 13:06 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-08 13:05 - 2013-01-23 23:18 - 00844920 _____ C:\Windows\PFRO.log 2013-08-08 13:04 - 2013-08-08 13:04 - 00003303 _____ C:\AdwCleaner[S2].txt 2013-08-08 13:04 - 2006-11-02 15:01 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-08 13:03 - 2013-08-08 13:03 - 00003259 _____ C:\AdwCleaner[R1].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00000397 _____ C:\AdwCleaner[S1].txt 2013-08-08 12:56 - 2013-08-08 12:52 - 00957230 _____ (Oleg N. 
Scherbakov) C:\Users\Administrator\Desktop\JRT.exe 2013-08-08 12:46 - 2013-08-08 12:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 12:45 - 2013-08-08 12:45 - 00666633 _____ C:\Users\Administrator\Desktop\adwcleaner.exe 2013-08-08 12:45 - 2013-08-08 12:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-08 00:31 - 2012-07-24 16:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-08 00:26 - 2010-06-25 13:39 - 00000000 ____D C:\Program Files\Steam 2013-08-07 22:45 - 2013-08-07 22:45 - 00027750 _____ C:\ComboFix.txt 2013-08-07 22:45 - 2013-08-07 22:32 - 00000000 ____D C:\ComboFix 2013-08-07 22:45 - 2013-08-07 22:29 - 00000000 ____D C:\Qoobox 2013-08-07 22:45 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-08-07 22:43 - 2013-08-07 22:27 - 00000000 ____D C:\Windows\erdnt 2013-08-07 22:42 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini 2013-08-07 22:30 - 2006-11-02 12:33 - 01489310 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-07 22:26 - 2013-08-07 22:26 - 05100713 _____ (Swearware) C:\Users\Administrator\Downloads\ComboFix(1).exe 2013-08-07 22:18 - 2013-08-07 22:17 - 05100713 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe 2013-08-07 22:13 - 2012-10-04 20:48 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013 2013-08-07 22:13 - 2010-06-25 14:14 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-08-07 15:36 - 2013-08-07 15:35 - 00033782 _____ C:\Users\Administrator\Downloads\Result.txt 2013-08-07 15:31 - 2013-08-07 15:31 - 00028763 _____ C:\Users\Administrator\Downloads\FRST.txt 2013-08-07 15:31 - 2013-08-07 15:29 - 
00023718 _____ C:\Users\Administrator\Downloads\Addition.txt 2013-08-07 12:01 - 2013-08-07 12:01 - 00000000 ____D C:\FRST 2013-08-07 11:58 - 2013-08-07 11:58 - 00760937 _____ (Farbar) C:\Users\Administrator\Downloads\MiniToolBox.exe 2013-08-07 11:44 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-07 08:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-07 08:05 - 2010-06-28 22:18 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Adobe 2013-08-07 08:04 - 2012-07-24 16:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-07 08:04 - 2012-07-24 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-07 07:58 - 2006-11-02 14:47 - 00396600 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-07 07:55 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-08-07 07:55 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-06 21:19 - 2011-02-03 00:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-06 20:56 - 2010-10-26 23:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-08-06 20:55 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-08-06 19:36 - 2010-06-25 12:36 - 00000000 ____D C:\Users\Administrator 2013-07-29 10:56 - 2010-06-25 15:19 - 00016896 _____ C:\Users\ADMINI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-07-29 10:56 - 2010-06-25 15:19 - 00000069 _____ C:\Windows\NeroDigital.ini 2013-07-28 22:04 - 2013-07-28 21:42 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:33 - 2013-07-28 20:20 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 
4.lnk 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:16 - 2013-07-28 20:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2013-07-28 20:12 - 2011-01-12 00:07 - 00000000 ____D C:\Program Files\Common Files\SWF Studio 2013-07-12 17:00 - 2011-06-13 15:48 - 02310300 _____ C:\Users\Administrator\Documents\a.dst Files to move or delete: ==================== C:\Users\Administrator\jagex_cl_runescape_LIVE.dat C:\Users\Administrator\jagex_cl_runescape_LIVE1.dat C:\Users\Administrator\jagex_cl_runescape_LIVE_BETA.dat C:\Users\Administrator\jagex_runescape_preferences.dat C:\Users\Administrator\jagex_runescape_preferences2.dat C:\Users\Administrator\jagex__preferences3.dat C:\Users\Administrator\random.dat ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-08 13:11 ==================== End Of Log ============================ --- --- --- |
08.08.2013, 17:57 | #8 |
/// the machine /// TB Trainer | New internet connection, lags for a few seconds at minute intervals
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
09.08.2013, 10:23 | #9 |
| New internet connection, lags for a few seconds at minute intervals
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=98251e252d46004eaba29dc3b76d3d8f
# engine=14704
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-08 09:43:54
# local_time=2013-08-08 11:43:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 9974402 213530963 0 0
# scanned=355248
# found=0
# cleaned=0
# scan_time=8768
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=98251e252d46004eaba29dc3b76d3d8f
# engine=14704
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-09 09:03:21
# local_time=2013-08-09 11:03:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=774 16777213 85 91 39430 152748873 0 0
# compatibility_mode=5892 16776574 100 100 10015168 213571729 0 0
# scanned=392215
# found=0
# cleaned=0
# scan_time=6495
Code:
ATTFilter
Results of screen317's Security Check version 0.99.71
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
CCleaner
Java 7 Update 25
Adobe Flash Player 11.8.800.94
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox (23.0)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-08-2013 Ran by Administrator (administrator) on 09-08-2013 11:22:50 Running from C:\Users\Administrator\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (AMD) C:\Windows\system32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ATI Technologies Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\system32\conime.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\system32\wuauclt.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.) HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation) HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {767F539A-4BAA-46BB-B7B7-C72B6980BDD9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms} BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Default - C:\Program Files\Mozilla 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) ==================== Drivers (Whitelisted) ==================== R0 AFS; C:\Windows\System32\Drivers\AFS.sys [77004 2010-08-22] (Oak Technology Inc.) 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-09] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-09] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-09] () R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [97296 2010-11-17] (Advanced Micro Devices) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2013-07-28] (DT Soft Ltd) S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. ) S3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2010-06-25] (Intel Corporation) R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH) R3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [1690784 2013-02-06] (Ralink Technology, Corp.) R3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [348160 2009-10-14] (NETGEAR Inc. ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-09-24] () S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [58320 2005-08-30] (MCCI) R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) 
S3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [91527 2005-02-26] (VM) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 catchme; \??\C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S0 Lbd; system32\DRIVERS\Lbd.sys [x] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S0 TfFsMon; system32\drivers\TfFsMon.sys [x] S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x] S0 TfSysMon; system32\drivers\TfSysMon.sys [x] U2 wuaserv; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-09 01:19 - 2013-08-09 01:19 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-08-09 01:16 - 2013-08-09 01:16 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall(1).exe 2013-08-09 01:14 - 2013-08-09 01:15 - 23003252 _____ C:\Users\Administrator\Downloads\vlc-2.0.8-win32.exe 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum 2013-08-09 00:03 - 2013-08-09 00:03 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-09 00:02 - 2013-08-09 01:19 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-09 00:02 - 2013-08-09 01:19 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-09 00:02 - 2013-08-09 01:19 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-09 00:00 - 2013-08-09 00:00 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall.exe 2013-08-08 23:52 - 2013-08-09 00:06 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 
2013-08-08 23:52 - 2013-08-09 00:06 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-08 23:52 - 2013-08-09 00:06 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-08 23:52 - 2013-08-08 23:52 - 00001833 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2013-08-08 23:52 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-08 23:52 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-08 23:51 - 2013-08-08 23:51 - 00000000 ____D C:\Program Files\AVAST Software 2013-08-08 23:51 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-08 23:48 - 2013-08-08 23:51 - 00000000 ____D C:\ProgramData\AVAST Software 2013-08-08 23:45 - 2013-08-08 23:48 - 117478104 _____ C:\Users\Administrator\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe 2013-08-08 21:11 - 2013-08-08 21:11 - 00891098 _____ C:\Users\Administrator\Desktop\SecurityCheck.exe 2013-08-08 21:10 - 2013-08-08 21:10 - 02347384 _____ (ESET) C:\Users\Administrator\Desktop\esetsmartinstaller_enu.exe 2013-08-08 13:23 - 2013-08-08 13:23 - 01229980 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2013-08-08 13:18 - 2013-08-08 13:18 - 00000000 ____D C:\Windows\ERUNT 2013-08-08 13:04 - 2013-08-08 13:04 - 00003303 _____ C:\AdwCleaner[S2].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00003259 _____ C:\AdwCleaner[R1].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00000397 _____ C:\AdwCleaner[S1].txt 2013-08-08 12:52 - 2013-08-08 12:56 - 00957230 
_____ (Oleg N. Scherbakov) C:\Users\Administrator\Desktop\JRT.exe 2013-08-08 12:46 - 2013-08-08 12:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 12:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-08 12:45 - 2013-08-08 13:16 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-08 12:45 - 2013-08-08 12:45 - 00666633 _____ C:\Users\Administrator\Desktop\adwcleaner.exe 2013-08-08 12:44 - 2013-08-08 12:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-07 22:45 - 2013-08-07 22:45 - 00027750 _____ C:\ComboFix.txt 2013-08-07 22:32 - 2013-08-07 22:45 - 00000000 ____D C:\ComboFix 2013-08-07 22:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-08-07 22:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-08-07 22:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-08-07 22:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-08-07 22:29 - 2013-08-07 22:45 - 00000000 ____D C:\Qoobox 2013-08-07 22:27 - 2013-08-07 22:43 - 00000000 ____D C:\Windows\erdnt 2013-08-07 22:26 - 2013-08-07 22:26 - 05100713 _____ (Swearware) C:\Users\Administrator\Downloads\ComboFix(1).exe 2013-08-07 22:17 - 2013-08-07 22:18 - 05100713 ____R (Swearware) 
C:\Users\Administrator\Desktop\ComboFix.exe 2013-08-07 15:35 - 2013-08-07 15:36 - 00033782 _____ C:\Users\Administrator\Downloads\Result.txt 2013-08-07 15:31 - 2013-08-07 15:31 - 00028763 _____ C:\Users\Administrator\Downloads\FRST.txt 2013-08-07 15:29 - 2013-08-07 15:31 - 00023718 _____ C:\Users\Administrator\Downloads\Addition.txt 2013-08-07 12:01 - 2013-08-07 12:01 - 00000000 ____D C:\FRST 2013-08-07 11:58 - 2013-08-07 11:58 - 00760937 _____ (Farbar) C:\Users\Administrator\Downloads\MiniToolBox.exe 2013-08-07 10:11 - 2007-05-09 14:06 - 00000052 _____ C:\Users\Administrator\Desktop\Starten.bat 2013-08-07 10:11 - 2007-05-09 14:00 - 00000051 _____ C:\Users\Administrator\Desktop\Stoppen.bat 2013-08-06 21:04 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-06 21:04 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-06 21:04 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-06 21:04 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-06 21:04 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-06 21:04 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-06 21:04 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-06 21:04 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-06 21:04 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-06 21:04 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-06 21:04 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-06 21:04 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) 
C:\Windows\system32\msfeeds.dll 2013-08-06 21:04 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-06 21:04 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-06 21:04 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-06 21:04 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-06 19:55 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-08-06 19:55 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-06 19:55 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-06 19:55 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-06 19:55 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-08-06 19:55 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-08-06 19:55 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-08-06 19:55 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-08-06 19:55 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-08-06 19:55 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) 
C:\Windows\system32\d3d10level9.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-08-06 19:54 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-08-06 19:54 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-06 19:54 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-08-06 19:54 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-08-06 19:54 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-08-06 19:36 - 2009-10-14 09:07 - 00348160 _____ (NETGEAR Inc. 
) C:\Windows\system32\Drivers\wg111v3.sys 2013-07-28 21:42 - 2013-07-28 22:04 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:56 - 2005-09-06 15:31 - 00258352 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll 2013-07-28 20:56 - 2005-09-06 15:29 - 00921600 _____ C:\Windows\system32\vorbisenc.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00237568 _____ () C:\Windows\system32\OggDS.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00188416 _____ C:\Windows\system32\vorbis.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00045056 _____ C:\Windows\system32\ogg.dll 2013-07-28 20:56 - 2005-09-06 15:23 - 01712128 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:20 - 2013-07-28 20:33 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:15 - 2013-07-28 20:16 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 125 ==================== One Month Modified Files and Folders ======= 2013-08-09 11:20 - 2010-06-25 11:07 - 01393696 _____ C:\Windows\WindowsUpdate.log 2013-08-09 11:11 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-09 11:11 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-08-09 10:31 - 2012-07-24 16:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-09 09:11 - 2006-11-02 15:01 - 00000006 ____H 
C:\Windows\Tasks\SA.DAT 2013-08-09 02:12 - 2006-11-02 15:01 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-09 01:22 - 2013-08-09 01:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Oracle 2013-08-09 01:19 - 2013-08-09 01:19 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-08-09 01:19 - 2013-08-09 00:02 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-09 01:19 - 2013-08-09 00:02 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-09 01:19 - 2013-08-09 00:02 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-09 01:19 - 2012-06-30 20:55 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll 2013-08-09 01:19 - 2010-06-25 13:41 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-08-09 01:19 - 2010-06-25 13:41 - 00000000 ____D C:\Program Files\Java 2013-08-09 01:16 - 2013-08-09 01:16 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall(1).exe 2013-08-09 01:15 - 2013-08-09 01:14 - 23003252 _____ C:\Users\Administrator\Downloads\vlc-2.0.8-win32.exe 2013-08-09 01:13 - 2012-07-24 16:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-09 01:13 - 2012-07-24 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-09 01:13 - 2010-06-25 13:39 - 00000000 ____D C:\Program Files\Steam 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum 2013-08-09 00:06 - 2013-08-08 23:52 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-09 00:06 - 2013-08-08 23:52 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 
2013-08-09 00:06 - 2013-08-08 23:52 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-09 00:03 - 2013-08-09 00:03 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-09 00:00 - 2013-08-09 00:00 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall.exe 2013-08-08 23:55 - 2013-07-02 20:27 - 00000000 ____D C:\ProgramData\Norton 2013-08-08 23:55 - 2013-01-23 23:18 - 01051734 _____ C:\Windows\PFRO.log 2013-08-08 23:52 - 2013-08-08 23:52 - 00001833 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2013-08-08 23:52 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt 2013-08-08 23:51 - 2013-08-08 23:51 - 00000000 ____D C:\Program Files\AVAST Software 2013-08-08 23:51 - 2013-08-08 23:48 - 00000000 ____D C:\ProgramData\AVAST Software 2013-08-08 23:48 - 2013-08-08 23:45 - 117478104 _____ C:\Users\Administrator\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe 2013-08-08 21:11 - 2013-08-08 21:11 - 00891098 _____ C:\Users\Administrator\Desktop\SecurityCheck.exe 2013-08-08 21:10 - 2013-08-08 21:10 - 02347384 _____ (ESET) C:\Users\Administrator\Desktop\esetsmartinstaller_enu.exe 2013-08-08 21:07 - 2012-07-03 08:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-08 13:23 - 2013-08-08 13:23 - 01229980 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2013-08-08 13:18 - 2013-08-08 13:18 - 00000000 ____D C:\Windows\ERUNT 2013-08-08 13:16 - 2013-08-08 12:45 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-08 13:04 - 2013-08-08 13:04 - 00003303 _____ C:\AdwCleaner[S2].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00003259 _____ C:\AdwCleaner[R1].txt 2013-08-08 13:03 - 2013-08-08 13:03 - 00000397 _____ C:\AdwCleaner[S1].txt 2013-08-08 12:56 - 2013-08-08 12:52 - 00957230 _____ (Oleg N. 
Scherbakov) C:\Users\Administrator\Desktop\JRT.exe 2013-08-08 12:46 - 2013-08-08 12:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 12:45 - 2013-08-08 12:45 - 00666633 _____ C:\Users\Administrator\Desktop\adwcleaner.exe 2013-08-08 12:45 - 2013-08-08 12:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-07 22:45 - 2013-08-07 22:45 - 00027750 _____ C:\ComboFix.txt 2013-08-07 22:45 - 2013-08-07 22:32 - 00000000 ____D C:\ComboFix 2013-08-07 22:45 - 2013-08-07 22:29 - 00000000 ____D C:\Qoobox 2013-08-07 22:45 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-08-07 22:43 - 2013-08-07 22:27 - 00000000 ____D C:\Windows\erdnt 2013-08-07 22:42 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini 2013-08-07 22:30 - 2006-11-02 12:33 - 01489310 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-07 22:26 - 2013-08-07 22:26 - 05100713 _____ (Swearware) C:\Users\Administrator\Downloads\ComboFix(1).exe 2013-08-07 22:18 - 2013-08-07 22:17 - 05100713 ____R (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe 2013-08-07 22:13 - 2012-10-04 20:48 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013 2013-08-07 22:13 - 2010-06-25 14:14 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-08-07 15:36 - 2013-08-07 15:35 - 00033782 _____ C:\Users\Administrator\Downloads\Result.txt 2013-08-07 15:31 - 2013-08-07 15:31 - 00028763 _____ C:\Users\Administrator\Downloads\FRST.txt 2013-08-07 15:31 - 2013-08-07 15:29 - 00023718 _____ C:\Users\Administrator\Downloads\Addition.txt 2013-08-07 12:01 - 2013-08-07 12:01 - 00000000 ____D C:\FRST 2013-08-07 11:58 - 2013-08-07 11:58 - 00760937 _____ 
(Farbar) C:\Users\Administrator\Downloads\MiniToolBox.exe 2013-08-07 11:44 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-07 08:34 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-07 08:05 - 2010-06-28 22:18 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Adobe 2013-08-07 07:58 - 2006-11-02 14:47 - 00396600 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-07 07:55 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-08-07 07:55 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-06 21:19 - 2011-02-03 00:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-06 20:56 - 2010-10-26 23:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-08-06 20:55 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-08-06 19:36 - 2010-06-25 12:36 - 00000000 ____D C:\Users\Administrator 2013-07-29 10:56 - 2010-06-25 15:19 - 00016896 _____ C:\Users\ADMINI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-07-29 10:56 - 2010-06-25 15:19 - 00000069 _____ C:\Windows\NeroDigital.ini 2013-07-28 22:04 - 2013-07-28 21:42 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:33 - 2013-07-28 20:20 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:16 - 2013-07-28 20:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2013-07-28 20:12 - 2011-01-12 00:07 - 00000000 ____D C:\Program Files\Common Files\SWF Studio 2013-07-12 17:00 - 
2011-06-13 15:48 - 02310300 _____ C:\Users\Administrator\Documents\a.dst Files to move or delete: ==================== C:\Users\Administrator\jagex_cl_runescape_LIVE.dat C:\Users\Administrator\jagex_cl_runescape_LIVE1.dat C:\Users\Administrator\jagex_cl_runescape_LIVE_BETA.dat C:\Users\Administrator\jagex_runescape_preferences.dat C:\Users\Administrator\jagex_runescape_preferences2.dat C:\Users\Administrator\jagex__preferences3.dat C:\Users\Administrator\random.dat ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-08-09 09:18 ==================== End Of Log ============================ --- --- --- |
09.08.2013, 10:58 | #10 |
/// the machine /// TB trainer | Fresh internet connection, lags for a few seconds, at intervals of minutes
Update Adobe. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
U2 wuaserv;
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
09.08.2013, 11:59 | #11 |
| Fresh internet connection, lags for a few seconds, at intervals of minutes Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 08-08-2013
Ran by Administrator at 2013-08-09 12:19:11 Run:1
Running from C:\Users\Administrator\Desktop
Boot Mode: Normal
==============================================
U2 wuaserv; => Service not found.
==== End of Fixlog ==== |
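Added example (not part of the thread and not FRST's own code): a small triage parser for the Services/Drivers entries of an FRST log, showing why a bare line such as `U2 wuaserv;` stands out next to normal entries. It assumes FRST's usual notation (R/S/U for running/stopped/undetermined, the digit being the Windows service start type, `[x]` for a file FRST could not find); the sample is constructed from entries in the log above, and the flag names are hypothetical.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: entries copied from the Services/Drivers sections of the
# log on this page, run together on one line the way the forum export left them.
SAMPLE = (
    r"R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe "
    r"[46808 2013-05-09] (AVAST Software) "
    r"R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () "
    r"S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] "
    r"(VIA Technologies, Inc. ) "
    r"S3 catchme; \??\C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys [x] "
    r"S0 Lbd; system32\DRIVERS\Lbd.sys [x] "
    r"U2 wuaserv; ==================== NetSvcs (Whitelisted) ==================="
)

# Assumed reading of the two-character prefix of each entry.
STATE = {"R": "running", "S": "stopped", "U": "undetermined"}
START = {"0": "boot", "1": "system", "2": "auto", "3": "demand", "4": "disabled"}

# An entry starts with e.g. "R2 <name>;" at the start of the text or after
# whitespace. Works on flattened text, so line breaks are not required.
ENTRY_START = re.compile(r"(?:^|(?<=\s))([RSU])([0-4])\s+([^;=\[\]()]{1,80}?);")
# "[size date]" for a file that exists, "[x]" for one that was not found.
META = re.compile(r"\[(x|\d+ \d{4}-\d{2}-\d{2})\]", re.IGNORECASE)


@dataclass
class Entry:
    state: str
    start: str
    name: str
    path: str
    company: str
    flags: list = field(default_factory=list)


def parse_entries(text):
    """Split flattened FRST service/driver text into entries and flag oddities."""
    starts = list(ENTRY_START.finditer(text))
    entries = []
    for i, m in enumerate(starts):
        end = starts[i + 1].start() if i + 1 < len(starts) else len(text)
        # Stop at the next section header ("==== ... ====") if one follows.
        body = text[m.end():end].split("====", 1)[0].strip()
        meta = META.search(body)
        path = body[:meta.start()].strip() if meta else body
        tail = body[meta.end():] if meta else ""
        comp = re.search(r"\(([^()]*)\)", tail)
        company = comp.group(1).strip() if comp else ""
        entry = Entry(STATE[m.group(1)], START[m.group(2)],
                      m.group(3).strip(), path, company)
        if not path:
            entry.flags.append("no-image-path")    # registry entry without a binary
        elif meta and meta.group(1).lower() == "x":
            entry.flags.append("file-not-found")   # leftover of removed software
        elif not company:
            entry.flags.append("no-company-name")  # worth a look, not a verdict
        if re.search(r"\\temp\\", path, re.IGNORECASE):
            entry.flags.append("temp-path")        # driver registered from a Temp dir
        entries.append(entry)
    return entries


def flagged(text):
    """Return {entry name: flags} for every entry that needs a second look."""
    return {e.name: e.flags for e in parse_entries(text) if e.flags}


if __name__ == "__main__":
    for name, flags in flagged(SAMPLE).items():
        print(f"{name}: {', '.join(flags)}")
```

A flag is only a prompt to review the entry: several drivers of installed security software in the log above also carry an empty company field.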
10.08.2013, 09:13 | #12 |
/// the machine /// TB trainer | Fresh internet connection, lags for a few seconds, at intervals of minutes Then just don't ignore my question "Any problems left?" Disconnect the router from power, wait 30 min, plug it back in, test.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
16.08.2013, 09:54 | #13 |
| Fresh internet connection, lags for a few seconds, at intervals of minutes That did not work either. |
16.08.2013, 16:09 | #14 |
/// the machine /// TB trainer | Fresh internet connection, lags for a few seconds, at intervals of minutes Post a fresh FRST log. Completely reset the router, then also run a speed test at Speedmeter.de
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.08.2013, 23:33 | #15 |
| Fresh internet connection, lags for a few seconds, at intervals of minutes FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-08-2013 01 Ran by Administrator (administrator) on 19-08-2013 00:29:47 Running from C:\Users\Administrator\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE (ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (Prolific Technology Inc.) C:\Windows\system32\IoctlSvc.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Valve Corporation) C:\Program Files\Steam\Steam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) 
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\system32\conime.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor) HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation) HKCU\...\Run: [EPSON SX420W Series] - C:\Windows\TEMP\E_SCBB8.tmp [130 2013-08-10] () HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-09] (AMD) HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. 
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) Toolbar: HKLM - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU -No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} FF Extension: Microsoft .NET Framework Assistant - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\54nyztts.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Default - C:\Program Files\Mozilla 
Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF ========================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) ==================== Drivers (Whitelisted) ==================== R0 AFS; C:\Windows\System32\Drivers\AFS.sys [77004 2010-08-22] (Oak Technology Inc.) 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software) R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-09] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-09] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-09] () R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [75776 2013-01-15] (Advanced Micro Devices) R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218176 2013-07-28] (DT Soft Ltd) S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. ) S3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2010-06-25] (Intel Corporation) R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH) S3 R300; C:\Windows\System32\DRIVERS\atikmdag.sys [9986048 2013-03-29] (Advanced Micro Devices, Inc.) R3 rt2870; C:\Windows\System32\DRIVERS\rt2870.sys [1690784 2013-02-06] (Ralink Technology, Corp.) R3 RTL8187B; C:\Windows\System32\DRIVERS\wg111v3.sys [348160 2009-10-14] (NETGEAR Inc. ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2010-09-24] () S3 ssm_bus; C:\Windows\System32\DRIVERS\ssm_bus.sys [58320 2005-08-30] (MCCI) R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.) 
S3 ZSMC301b; C:\Windows\System32\Drivers\usbVM31b.sys [91527 2005-02-26] (VM) S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x] S3 catchme; \??\C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S0 Lbd; system32\DRIVERS\Lbd.sys [x] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S0 TfFsMon; system32\drivers\TfFsMon.sys [x] S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x] S0 TfSysMon; system32\drivers\TfSysMon.sys [x] U2 wuaserv; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-08-19 00:28 - 2013-08-19 00:29 - 01069797 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2013-08-18 23:38 - 2013-08-18 23:38 - 00792704 _____ (AMD) C:\Users\Administrator\Desktop\AMD TREIBERsuchen.exe 2013-08-18 23:28 - 2013-08-18 23:31 - 94175344 _____ (Advanced Micro Devices, Inc.) 
C:\Users\Administrator\Downloads\13-4_vista_win7_win8_32_dd_ccc_whql.exe 2013-08-17 12:02 - 2013-08-18 16:52 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-14 12:43 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-08-14 12:43 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-08-14 12:43 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-08-14 12:43 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-08-14 12:43 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-08-14 12:43 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-08-14 12:43 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-08-14 12:43 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-08-14 12:43 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-08-14 12:43 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-08-14 12:43 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-08-14 12:43 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-08-14 12:43 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-08-14 12:43 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-08-14 12:43 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-08-14 12:43 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-08-14 12:00 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) 
C:\Windows\system32\tzres.dll 2013-08-14 12:00 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2013-08-14 12:00 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2013-08-14 12:00 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-08-14 12:00 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2013-08-14 12:00 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2013-08-14 12:00 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2013-08-14 11:59 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-08-14 11:59 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2013-08-14 11:59 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-08-14 11:59 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2013-08-14 11:59 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2013-08-11 18:17 - 2008-08-08 04:43 - 00554496 _____ C:\Users\Administrator\Desktop\VBGScan.exe 2013-08-10 11:28 - 2013-08-10 11:28 - 00000000 ____D C:\ProgramData\ATI 2013-08-10 11:23 - 2013-08-10 11:23 - 00000000 ____D C:\AMD 2013-08-10 10:49 - 2013-08-10 10:49 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\DriverTuner 2013-08-10 10:48 - 2013-08-10 10:48 - 02816072 _____ (LionSea SoftWare ) C:\Users\Administrator\Downloads\setup.exe 2013-08-10 10:19 - 2009-10-01 03:01 - 00063488 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_FD4BGCE.DLL 2013-08-10 10:19 - 2007-04-10 01:06 - 00008192 _____ (SEIKO EPSON CORP.) 
C:\Windows\system32\E_DCINST.DLL 2013-08-09 12:55 - 2013-08-09 12:55 - 00002926 _____ C:\DelFix.txt 2013-08-09 12:21 - 2013-08-09 12:32 - 00000000 ____D C:\uninstall.exe 2013-08-09 11:28 - 2013-08-14 12:49 - 00000000 ____D C:\Windows\system32\MRT 2013-08-09 01:22 - 2013-08-09 01:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Oracle 2013-08-09 01:19 - 2013-08-09 01:19 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-08-09 01:16 - 2013-08-09 01:16 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall(1).exe 2013-08-09 01:14 - 2013-08-09 01:15 - 23003252 _____ C:\Users\Administrator\Downloads\vlc-2.0.8-win32.exe 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum 2013-08-09 00:03 - 2013-08-09 00:03 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-09 00:02 - 2013-08-09 01:19 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-09 00:02 - 2013-08-09 01:19 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-09 00:02 - 2013-08-09 01:19 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-09 00:00 - 2013-08-09 00:00 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall.exe 2013-08-08 23:52 - 2013-08-09 00:06 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-08 23:52 - 2013-08-09 00:06 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-08 23:52 - 2013-08-09 00:06 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-08 23:52 - 2013-08-08 23:52 - 00001833 _____ C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2013-08-08 23:52 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00049376 _____ C:\Windows\system32\Drivers\aswRvrt.sys 2013-08-08 23:52 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys 2013-08-08 23:52 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2013-08-08 23:51 - 2013-08-08 23:51 - 00000000 ____D C:\Program Files\AVAST Software 2013-08-08 23:51 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr 2013-08-08 23:48 - 2013-08-08 23:51 - 00000000 ____D C:\ProgramData\AVAST Software 2013-08-08 23:45 - 2013-08-08 23:48 - 117478104 _____ C:\Users\Administrator\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe 2013-08-08 13:18 - 2013-08-09 12:55 - 00000000 ____D C:\Windows\ERUNT 2013-08-08 12:46 - 2013-08-08 12:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 12:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-08-08 12:44 - 2013-08-08 12:45 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-07 22:27 - 2013-08-07 22:43 - 00000000 ____D C:\Windows\erdnt 2013-08-07 10:11 - 2007-05-09 14:06 - 00000052 _____ C:\Users\Administrator\Desktop\Starten.bat 2013-08-07 10:11 - 2007-05-09 14:00 - 00000051 _____ 
C:\Users\Administrator\Desktop\Stoppen.bat 2013-08-06 19:55 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-08-06 19:55 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2013-08-06 19:55 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll 2013-08-06 19:55 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2013-08-06 19:55 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2013-08-06 19:55 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-08-06 19:55 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-08-06 19:55 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-08-06 19:55 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-08-06 19:54 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2013-08-06 19:54 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-06 19:54 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-08-06 19:54 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-08-06 19:54 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-08-06 19:54 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-08-06 19:36 - 2009-10-14 09:07 - 00348160 _____ (NETGEAR Inc. 
) C:\Windows\system32\Drivers\wg111v3.sys 2013-07-28 21:42 - 2013-07-28 22:04 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:56 - 2005-09-06 15:31 - 00258352 _____ (Microsoft Corporation) C:\Windows\system32\unicows.dll 2013-07-28 20:56 - 2005-09-06 15:29 - 00921600 _____ C:\Windows\system32\vorbisenc.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00237568 _____ () C:\Windows\system32\OggDS.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00188416 _____ C:\Windows\system32\vorbis.dll 2013-07-28 20:56 - 2005-09-06 15:28 - 00045056 _____ C:\Windows\system32\ogg.dll 2013-07-28 20:56 - 2005-09-06 15:23 - 01712128 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:20 - 2013-07-28 20:33 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:15 - 2013-07-28 20:16 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk ==================== One Month Modified Files and Folders ======= 2013-08-19 00:29 - 2013-08-19 00:29 - 00000000 ____D C:\FRST 2013-08-19 00:29 - 2013-08-19 00:28 - 01069797 _____ (Farbar) C:\Users\Administrator\Desktop\FRST.exe 2013-08-18 23:42 - 2010-06-25 13:39 - 00000000 ____D C:\Program Files\Steam 2013-08-18 23:41 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-08-18 23:41 - 2006-11-02 14:47 - 00003264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 
2013-08-18 23:38 - 2013-08-18 23:38 - 00792704 _____ (AMD) C:\Users\Administrator\Desktop\AMD TREIBERsuchen.exe 2013-08-18 23:37 - 2010-06-25 11:07 - 01789662 _____ C:\Windows\WindowsUpdate.log 2013-08-18 23:31 - 2013-08-18 23:28 - 94175344 _____ (Advanced Micro Devices, Inc.) C:\Users\Administrator\Downloads\13-4_vista_win7_win8_32_dd_ccc_whql.exe 2013-08-18 23:31 - 2012-07-24 16:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-08-18 21:41 - 2012-07-03 08:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2013-08-18 21:41 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-08-18 17:25 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-08-18 16:52 - 2013-08-17 12:02 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-08-17 10:52 - 2006-11-02 12:33 - 01489310 _____ C:\Windows\system32\PerfStringBackup.INI 2013-08-17 10:32 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET 2013-08-14 20:33 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache 2013-08-14 20:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE 2013-08-14 12:51 - 2013-08-09 11:28 - 00000000 ____D C:\Windows\system32\MRT 2013-08-14 12:49 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-08-14 12:48 - 2011-02-03 00:49 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-08-10 11:28 - 2013-08-10 11:28 - 00000000 ____D C:\ProgramData\ATI 2013-08-10 11:28 - 2012-06-30 13:17 - 00000000 ____D C:\Program Files\ATI Technologies 2013-08-10 11:26 - 2010-06-25 12:36 - 00000000 ____D C:\Users\Administrator 2013-08-10 11:23 - 2013-08-10 11:23 - 00000000 ____D C:\AMD 2013-08-10 11:22 - 2010-08-21 09:38 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\CrashDumps 2013-08-10 10:49 - 2013-08-10 10:49 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\DriverTuner 2013-08-10 10:48 - 2013-08-10 10:48 - 02816072 _____ (LionSea SoftWare ) C:\Users\Administrator\Downloads\setup.exe 2013-08-10 
10:23 - 2013-01-23 23:18 - 01053588 _____ C:\Windows\PFRO.log 2013-08-10 10:20 - 2010-09-01 17:45 - 00000769 _____ C:\Users\Public\Desktop\EPSON Scan.lnk 2013-08-09 12:55 - 2013-08-09 12:55 - 00002926 _____ C:\DelFix.txt 2013-08-09 12:55 - 2013-08-08 13:18 - 00000000 ____D C:\Windows\ERUNT 2013-08-09 12:32 - 2013-08-09 12:21 - 00000000 ____D C:\uninstall.exe 2013-08-09 12:30 - 2006-11-02 12:23 - 00000215 _____ C:\Windows\system.ini 2013-08-09 01:22 - 2013-08-09 01:22 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Oracle 2013-08-09 01:19 - 2013-08-09 01:19 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2013-08-09 01:19 - 2013-08-09 00:02 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-08-09 01:19 - 2013-08-09 00:02 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-08-09 01:19 - 2013-08-09 00:02 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-08-09 01:19 - 2012-06-30 20:55 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll 2013-08-09 01:19 - 2010-06-25 13:41 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2013-08-09 01:19 - 2010-06-25 13:41 - 00000000 ____D C:\Program Files\Java 2013-08-09 01:16 - 2013-08-09 01:16 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall(1).exe 2013-08-09 01:15 - 2013-08-09 01:14 - 23003252 _____ C:\Users\Administrator\Downloads\vlc-2.0.8-win32.exe 2013-08-09 01:13 - 2012-07-24 16:02 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2013-08-09 01:13 - 2012-07-24 16:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum 2013-08-09 00:06 - 2013-08-09 00:06 - 00000175 _____ 
C:\Windows\system32\Drivers\aswSnx.sys.sum 2013-08-09 00:06 - 2013-08-08 23:52 - 00770344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2013-08-09 00:06 - 2013-08-08 23:52 - 00369584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2013-08-09 00:06 - 2013-08-08 23:52 - 00175176 _____ C:\Windows\system32\Drivers\aswVmm.sys 2013-08-09 00:03 - 2013-08-09 00:03 - 00000000 ____D C:\Program Files\Common Files\Java 2013-08-09 00:00 - 2013-08-09 00:00 - 00903080 _____ (Oracle Corporation) C:\Users\Administrator\Downloads\jxpiinstall.exe 2013-08-08 23:55 - 2013-07-02 20:27 - 00000000 ____D C:\ProgramData\Norton 2013-08-08 23:52 - 2013-08-08 23:52 - 00001833 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2013-08-08 23:52 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt 2013-08-08 23:51 - 2013-08-08 23:51 - 00000000 ____D C:\Program Files\AVAST Software 2013-08-08 23:51 - 2013-08-08 23:48 - 00000000 ____D C:\ProgramData\AVAST Software 2013-08-08 23:48 - 2013-08-08 23:45 - 117478104 _____ C:\Users\Administrator\Downloads\avast_free_antivirus_setup_8.0.1489.300.exe 2013-08-08 12:46 - 2013-08-08 12:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-08-08 12:46 - 2013-08-08 12:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-08-08 12:45 - 2013-08-08 12:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Administrator\Downloads\mbam-setup-1.75.0.1300.exe 2013-08-07 22:45 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public 2013-08-07 22:43 - 2013-08-07 22:27 - 00000000 ____D C:\Windows\erdnt 2013-08-07 22:13 - 2012-10-04 20:48 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013 2013-08-07 22:13 - 2010-06-25 14:14 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-08-07 08:05 - 
2010-06-28 22:18 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Adobe 2013-08-07 07:58 - 2006-11-02 14:47 - 00396600 _____ C:\Windows\system32\FNTCACHE.DAT 2013-08-07 07:55 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer 2013-08-06 20:56 - 2010-10-26 23:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-08-06 20:55 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal 2013-07-29 10:56 - 2010-06-25 15:19 - 00016896 _____ C:\Users\ADMINI~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-07-29 10:56 - 2010-06-25 15:19 - 00000069 _____ C:\Windows\NeroDigital.ini 2013-07-28 22:04 - 2013-07-28 21:42 - 00000000 ____D C:\Users\ADMINI~1\AppData\Local\Microsoft Games 2013-07-28 20:56 - 2013-07-28 20:56 - 00001068 _____ C:\Users\Administrator\Desktop\Ultimate Pinball Challenge.lnk 2013-07-28 20:56 - 2013-07-28 20:56 - 00000000 ____D C:\Program Files\rondomedia 2013-07-28 20:33 - 2013-07-28 20:20 - 00000000 ____D C:\Program Files\You Don't Know Jack 4 2013-07-28 20:27 - 2013-07-28 20:27 - 00001775 ____R C:\Users\Public\Desktop\You Don't Know Jack 4.lnk 2013-07-28 20:16 - 2013-07-28 20:16 - 00218176 _____ (DT Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-07-28 20:16 - 2013-07-28 20:15 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2013-07-28 20:15 - 2013-07-28 20:15 - 00001739 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2013-07-28 20:12 - 2011-01-12 00:07 - 00000000 ____D C:\Program Files\Common Files\SWF Studio 2013-07-25 04:40 - 2013-08-14 12:43 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-07-25 04:32 - 2013-08-14 12:43 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-07-25 04:30 - 2013-08-14 12:43 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-07-25 04:26 - 2013-08-14 12:43 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-07-25 04:26 - 2013-08-14 12:43 - 01104384 _____ 
(Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-07-25 04:25 - 2013-08-14 12:43 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-07-25 04:24 - 2013-08-14 12:43 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-07-25 04:24 - 2013-08-14 12:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-07-25 04:23 - 2013-08-14 12:43 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-07-25 04:23 - 2013-08-14 12:43 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-07-25 04:23 - 2013-08-14 12:43 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-07-25 04:23 - 2013-08-14 12:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-07-25 04:23 - 2013-08-14 12:43 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-07-25 04:22 - 2013-08-14 12:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-07-25 04:22 - 2013-08-14 12:43 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-07-25 04:22 - 2013-08-14 12:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll Files to move or delete: ==================== C:\Users\Administrator\jagex_cl_runescape_LIVE.dat C:\Users\Administrator\jagex_cl_runescape_LIVE1.dat C:\Users\Administrator\jagex_cl_runescape_LIVE_BETA.dat C:\Users\Administrator\jagex_runescape_preferences.dat C:\Users\Administrator\jagex_runescape_preferences2.dat C:\Users\Administrator\jagex__preferences3.dat C:\Users\Administrator\random.dat ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit 
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-08-18 21:47

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-08-2013 01 Ran by Administrator at 2013-08-19 00:30:49 Running from C:\Users\Administrator\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= Update for Microsoft Office 2007 (KB2508958) 7-Zip 9.16 beta ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212) Adobe Flash Player 11 ActiveX (Version: 11.8.800.94) Adobe Flash Player 11 Plugin (Version: 11.8.800.94) Adobe Reader X (10.1.7) - Deutsch (Version: 10.1.7) Adobe Shockwave Player 11.5 (Version: 11.5.8.612) AMD APP SDK Runtime (Version: 2.4.595.1) AMD Catalyst Install Manager (Version: 8.0.911.0) Apple Application Support (Version: 1.4.1) Apple Software Update (Version: 2.1.1.116) ASUS VGA Driver (Version: 3.0.0.1) ATI AVIVO Codecs (Version: 11.6.0.10309) avast! Free Antivirus (Version: 8.0.1489.0) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center (Version: 2013.0328.2218.38225) Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225) Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225) Catalyst Control Center Localization All (Version: 2013.0328.2218.38225) CCC Help Chinese Standard (Version: 2013.0328.2217.38225) CCC Help Chinese Traditional (Version: 2013.0328.2217.38225) CCC Help Czech (Version: 2013.0328.2217.38225) CCC Help Danish (Version: 2013.0328.2217.38225) CCC Help Dutch (Version: 2013.0328.2217.38225) CCC Help English (Version: 2013.0328.2217.38225) CCC Help Finnish (Version: 2013.0328.2217.38225) CCC Help French (Version: 2013.0328.2217.38225) CCC Help German (Version: 2013.0328.2217.38225) CCC Help Greek (Version: 2013.0328.2217.38225) CCC Help Hungarian (Version: 2013.0328.2217.38225) CCC Help Italian (Version: 2013.0328.2217.38225) CCC Help Japanese (Version: 2013.0328.2217.38225) CCC Help Korean (Version: 2013.0328.2217.38225) CCC Help Norwegian 
(Version: 2013.0328.2217.38225) CCC Help Polish (Version: 2013.0328.2217.38225) CCC Help Portuguese (Version: 2013.0328.2217.38225) CCC Help Russian (Version: 2013.0328.2217.38225) CCC Help Spanish (Version: 2013.0328.2217.38225) CCC Help Swedish (Version: 2013.0328.2217.38225) CCC Help Thai (Version: 2013.0328.2217.38225) CCC Help Turkish (Version: 2013.0328.2217.38225) ccc-utility (Version: 2013.0328.2218.38225) CCleaner (Version: 2.35) Company of Heroes - FAKEMSI (Version: 2.0.0.0) Company of Heroes (Version: 2.602.0) Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000) Counter-Strike: Source DAEMON Tools Lite (Version: 4.40.1.0127) DHTML Editing Component (Version: 6.02.0001) DivX-Setup (Version: 2.3.0.20) Dropbox (HKCU Version: 1.6.13) Epson Easy Photo Print 2 (Version: 2.2.0.0) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000) Epson Event Manager (Version: 2.40.0001) EPSON Scan EPSON SX420W Series Handbuch EPSON SX420W Series Netzwerk-Handbuch EPSON SX420W Series Printer Uninstall EpsonNet Print (Version: 2.4i) EpsonNet Setup 3.2 (Version: 3.2a) Free Audio CD Burner version 1.4.7 Free Mp3 Wma Converter V 1.9 (Version: 1.9.0.0) Free Videos To DVD V 3.2.0 (Version: 3.2.0.0) Free YouTube to MP3 Converter version 3.9.32 HP Speicher-Disc (Version: 1.0.4.805) HydraVision (Version: 4.2.188.0) Intel(R) PRO Network Connections 12.2.41.0 (Version: 12.2.41.0) Japanese Fonts Support For Adobe Reader 8 (Version: 8.0) Java 7 Update 25 (Version: 7.0.250) Java Auto Updater (Version: 2.1.9.5) Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300) Media Go Video Playback Engine 1.32.102.05130 (Version: 1.32.102.05130) Microsoft .NET Framework 1.1 (Version: 1.1.4322) Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322) Microsoft .NET Framework 1.1 Security Update (KB2698023) Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft 
.NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6012.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000) Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office File Validation Add-In (Version: 14.0.5130.5003) Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000) Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014) Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 
8.0.61001) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322) Mozilla Firefox 23.0.1 (x86 de) (Version: 23.0.1) Mozilla Maintenance Service (Version: 23.0.1) MSVCRT (Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) Nero 8 Essentials (Version: 8.3.500) neroxml (Version: 1.0.0) NVIDIA Install Application (Version: 2.265.36.0) NVIDIA PhysX (Version: 9.10.0514) NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514) Paint.NET v3.5.6 (Version: 3.56.0) PBP Unpacker v0.94 Pcsx2 0.9.6 (Version: 1.0.0) PlayStation(R)Network Downloader (Version: 2.03.00126) PlayStation(R)Store (Version: 3.2.11.09227) Realtek High Definition Audio Driver (Version: 6.0.1.5470) Security Task Manager 1.8d (Version: 1.8d) Sony Vegas Pro 8.0 (Version: 8.0.217) SPC 200NC PC Camera Steam (Version: 1.0.0.0) System Requirements Lab System Requirements Lab CYRI (Version: 4.5.1.0) Ultimate Pinball Challenge Uninstall 1.0.0.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) Update for Microsoft .NET Framework 4 Client 
Profile (KB2836939) (Version: 1) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition Update für Microsoft Office Excel 2007 Help (KB963678) Update für Microsoft Office Outlook 2007 Help (KB963677) Update für Microsoft Office Powerpoint 2007 Help (KB963669) Update für Microsoft Office Word 2007 Help (KB963665) VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0) Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01) VLC media player 2.0.8 (Version: 2.0.8) WinAce Archiver (Version: 2.69) Winamp (Version: 5.63 ) Winamp Detector Plug-in (HKCU Version: 1.0.0.1) Windows Live Anmelde-Assistent (Version: 5.000.818.5) Windows Live Call (Version: 14.0.8117.0416) Windows Live Communications Platform (Version: 14.0.8117.416) Windows Live Essentials (Version: 14.0.8117.0416) Windows Live Essentials (Version: 14.0.8117.416) Windows Live-Uploadtool (Version: 14.0.8014.1029) X10 Hardware(TM) You Don't Know Jack 4 1.00 (Version: 1.00) ==================== Restore Points ========================= 09-08-2013 10:55:40 Ende der Bereinigung 10-08-2013 08:19:37 Gerätetreiber-Paketinstallation: EPSON Drucker 10-08-2013 08:20:42 Gerätetreiber-Paketinstallation: EPSON Bildverarbeitungsgeräte 10-08-2013 09:25:00 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. 
Grafikkarte 10-08-2013 09:26:40 Gerätetreiber-Paketinstallation: Advanced Micro Devices Audio-, Video- und Gamecontroller 14-08-2013 10:41:40 Windows Update ==================== Hosts content: ========================== 2006-11-02 12:23 - 2013-08-07 22:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {194F008F-102C-4B47-B6DD-BB70E7873DD3} - System32\Tasks\WPD\SqmUpload_S-1-5-21-2759149398-2283779644-1834780198-500 => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {34024775-9B25-48D4-AF08-DA9A19BA6391} - System32\Tasks\User_Feed_Synchronization-{2088D931-66F3-4532-8CFA-7ECA0BE7253B} => C:\Windows\system32\msfeedssync.exe [2011-06-06] (Microsoft Corporation) Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation) Task: {4548E343-F035-4037-92AF-00824A540A26} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) Task: {495B6E3E-D8FD-453C-9249-BC9F9F4B297A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500UA => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.) 
Task: {5288FC4A-01A4-4185-83EC-F91BE6A5172B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {55C6E582-2636-4DE5-AD4F-07ACB9E59692} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation) Task: {60D3AFDA-F4EE-4C12-ABED-E752C6E9F06B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-09] (Adobe Systems Incorporated) Task: {945CE2DA-645D-4342-953C-E3D159A3660D} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.) Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation) Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation) Task: {B2768D68-623C-48B8-9EE8-7226DB09EA3A} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {C6B9BDA7-4542-487A-8988-E066A52F2463} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-06-25] () Task: {E9DFF417-CBD9-45D0-B6BD-8097732E9E4F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation) Task: {F4F91970-6E17-46C8-B031-512AB21BB6D9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.) 
Task: {FDE860E7-D2C8-4714-8D4B-0435CCC68321} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500Core => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500Core.job => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2759149398-2283779644-1834780198-500UA.job => C:\Users\Administrator\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Faulty Device Manager Devices ============= Name: 6TO4 Adapter Description: Microsoft-6zu4-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: 6TO4 Adapter Description: Microsoft-6zu4-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{DEBC8E81-7C29-4FFB-8D74-2B23AA99EDFC} Description: Microsoft-ISATAP-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. 
(Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (08/11/2013 09:54:32 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (08/10/2013 11:21:54 AM) (Source: Application Error) (User: ) Description: Fehlerhafte Anwendung firefox.exe, Version 23.0.0.4959, Zeitstempel 0x51f84049, fehlerhaftes Modul xul.dll, Version 23.0.0.4959, Zeitstempel 0x51f83f58, Ausnahmecode 0xc0000005, Fehleroffset 0x0015b268, Prozess-ID 0xa84, Anwendungsstartzeit firefox.exe0. Error: (08/09/2013 00:55:40 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {ab2c82e4-1b2a-47dc-b4e6-866b73c699b3} Error: (08/08/2013 01:22:13 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". 
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". System errors: ============= Error: (08/18/2013 09:43:31 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/18/2013 04:51:08 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/18/2013 01:14:02 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/17/2013 08:59:58 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/17/2013 10:25:44 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/17/2013 10:25:35 AM) (Source: Server) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{23A2F7A3-E490-4AF0-B765-7E47395C9A42} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. 
Error: (08/16/2013 09:32:14 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/16/2013 07:22:33 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/15/2013 10:10:05 PM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Error: (08/15/2013 11:18:46 AM) (Source: Service Control Manager) (User: ) Description: i8042prt Lbd TfFsMon TfSysMon Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-08-08 13:25:22.986 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 13:25:22.845 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 13:25:22.674 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 13:25:22.486 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 12:55:30.484 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-08-08 12:55:30.348 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 12:55:30.211 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 12:55:30.070 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 12:55:29.919 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-08-08 12:55:29.775 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 2045.45 MB
Available physical RAM: 766.65 MB
Total Pagefile: 4331.93 MB
Available Pagefile: 2626.57 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.15 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:307.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:1.28 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 24B9B06A)
Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================

10.7 Mbit/s [out of up to 16 from the provider] ------ acceptable