| |
| |||||||
Log-Analyse und Auswertung: www_getwindowinfoWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
25.09.2013, 16:12
| #1 |
 |  www_getwindowinfo Hallo, ich habe folgendes Problem, nachdem mein PC hochgefahren ist. Öffnet sich mein Internet Explorer, der nun endlich seine daseinsberechtigung gefunden hat weil ich ihn nie nutze, mit der URL: hxxp://www_getwindowinfo/ Ganz kurz noch hinzugefügt. Habe das erste mal solche Probleme und habe bis jetzt noch nie darüber nachgedacht auch mal nach malware oder ähnlichem zu suchen. Jetzt bin war ich vielleicht etwas voreilig (  ), hab nach dem Problem gegoogled und auch was gefunden, das ich z.B. Malewarebytes Anti-Malware herunter laden soll und alle funde entfernen soll. Hab ich gemacht. Hier der logfile.Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.24.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Ronny Peterson :: RONNYPETERSO-PC [Administrator] 24.09.2013 17:53:11 mbam-log-2013-09-24 (17-53-11).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 240107 Laufzeit: 1 Stunde(n), 57 Minute(n), 4 Sekunde(n) [Abgebrochen] Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 8 HKCR\CLSID\{11111111-1111-1111-1111-110311901130} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{44444444-4444-4444-4444-440344904430} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{55555555-5555-5555-5555-550355905530} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0039030.BHO.1 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311901130} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311901130} (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} (PUP.Optional.BabylonToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0039030.BHO (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 15 C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\DealPly\uninst.exe (PUP.Optional.Dealply) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bg.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-buttonutil.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Plus-HD-3.8\utils.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Visions\updater.exe (Trojan.Dropper.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Ronny Peterson\AppData\Local\DownloadGuide\Offers\plus-hd-3-8.exe (Adware.Packed.Ranver) -> Erfolgreich gelöscht und in Quarantäne gestellt. D:\FreeYouTubeToMP3Converter (1).exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. D:\FreeYouTubeToMP3Converter.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Nur leider hatte er sich beim ersten mal aufgehangen/wurde immer stockender. Also habe ich den suchlauf abgebrochen und alle funde gelöscht. Pc Neu gestartet und auch den suchlauf neugestartet. Da habe ich einen vollständigen Suchlauf gemacht und ihn die Nacht über arbeiten lassen. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.24.07 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Ronny Peterson :: RONNYPETERSO-PC [Administrator] 24.09.2013 20:42:23 mbam-log-2013-09-24 (20-42-23).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 455403 Laufzeit: 8 Stunde(n), 3 Minute(n), Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Jetzt zeigt er mir 0 Funde an, das problem ist immer noch. Soll ich nochmal einen Quick Scan machen?? Oder etwas anderes ausführen. Bitte helft mir Danke Ronny |
|
25.09.2013, 16:13
| #2 |
| /// TB-Ausbilder   | www_getwindowinfo Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen. |
|
25.09.2013, 16:13
| #3 |
| /// TB-Ausbilder | www_getwindowinfo Servus,
__________________erst mal eine Analyse starten bitte: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
|
25.09.2013, 16:26
| #4 |
| | www_getwindowinfo So, vielen Dank erstmal. Hier die FRST.txt und die Addition.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2013 Ran by Ronny Peterson (administrator) on RONNYPETERSO-PC on 25-09-2013 17:20:57 Running from C:\Users\Ronny Peterson\Desktop Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (AMD) C:\Windows\system32\atieclxx.exe (Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Windows Net) C:\Users\Ronny Peterson\AppData\Roaming\Windows Net Data\net.exe (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe () C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (Devguru Co., Ltd.) C:\Windows\system32\dgdersvc.exe () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files\EslWire\service\WireHelperSvc.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Windows\SysWOW64\XSrvSetup.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\ehome\ehsched.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\firefox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Microsoft Corporation) C:\Windows\system32\conime.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek) HKLM\...\Run: [SaiMfd] - C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek) HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation) HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG) HKCU\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\KiesKiesTrayAgent.exe HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1814440 2013-09-21] (Valve Corporation) HKCU\...\Run: [Google Update] - C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-18] (Google Inc.) HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD) HKCU\...\Run: [DriverTurbo] - C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe MountPoints2: {963817a1-a6f2-11e1-87c8-00ff01000001} - I:\LaunchU3.exe -a MountPoints2: {d901d06a-808f-11e0-8422-1c6f653f315f} - J:\LaunchU3.exe -a MountPoints2: {e710ad4e-7bde-11e0-9d14-806e6f6e6963} - E:\Run.exe HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-10-15] (DeviceVM, Inc.) HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-02-27] () HKLM-x32\...\Run: [3170 Scan2PC] - C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe [503808 2009-01-30] () HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TQ566808] - "E:\Setup.exe" HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Mcx1\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Mcx1\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKU\Mcx2\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Mcx2\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) Startup: C:\Users\Ronny Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk ShortcutTarget: net.lnk -> C:\Users\Ronny Peterson\AppData\Roaming\Windows Net Data\net.exe (Windows Net) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb201?a=6PQXp1nRZk&i=26 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157 URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.) URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {AC174D10-1FA5-4815-8670-2400D0EFD32B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus SearchScopes: HKCU - {0ECA8654-1F0A-4E7E-8900-473F20FADF5E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=100478&babsrc=SP_ss&mntrId=ce351a6000000000000000ff01000001 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=b864e85e-d9c9-402a-8ce7-541e91b55614&apn_sauid=CA0D3DAF-0A27-4CB2-98A1-E7A4BD93D86B SearchScopes: HKCU - {33BFCA99-B28F-4F7A-89A9-D1B64237B8FE} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} SearchScopes: HKCU - {50B6F626-ADC1-4a7c-867E-3C13E2F55EE5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH SearchScopes: HKCU - {AC174D10-1FA5-4815-8670-2400D0EFD32B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6PQXp1nRZk&i=26 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll (Web Check) BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663 FF DefaultSearchEngine: DVDVideoSoftTB DE Customized Web Search FF SelectedSearchEngine: DVDVideoSoftTB DE Customized Web Search FF Homepage: hxxp://www.google.de FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&CUI=UN47969287493718105&UM=&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ronny Peterson\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ronny Peterson\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\searchplugins\dvdvideosofttb-de-customized-web-search.xml FF SearchPlugin: C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\searchplugins\MyStart Search.xml FF Extension: No Name - C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com FF Extension: pricealarm - C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF Extension: Address Bar Search - C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi FF Extension: No Name - C:\Program Files (x86)\Web Check\WebCheck.xpi Chrome: ======= CHR HomePage: hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=48 CHR RestoreOnStartup: "hxxp://www.google.de/" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live\\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Ronny Peterson\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Extension: (DVDVideoSoftTB DE) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm\10.19.2.505_0 CHR Extension: (YouTube) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Web Check) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacechnliklhcacondhhkkfobapdopee\0.1_0 CHR Extension: () - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.578_0 CHR Extension: (SweetIM for Facebook) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0 CHR Extension: (New tab for Chrome\u2122) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Plus-HD-3.8) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0 CHR Extension: (Gmail) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Ronny Peterson\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx CHR HKLM-x32\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files (x86)\Perion\ChromeInfoBar\ChromeInfoBar.crx ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [119632 2010-09-06] (Devguru Co., Ltd.) R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [678416 2012-12-17] () R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-05-28] () R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.) ==================== Drivers (Whitelisted) ==================== S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [472448 2008-04-29] (AfaTech ) R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] () S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc) R3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2007-10-22] (Samsung Electronics) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2007-10-22] (Samsung Electronics) S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2011-08-03] (Turtle Entertainment GmbH) R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>) S3 etdrv; C:\Windows\etdrv.sys [25640 2011-06-26] (Windows (R) Server 2003 DDK provider) S3 etdrv; C:\Windows\etdrv.sys [25640 2011-06-26] (Windows (R) Server 2003 DDK provider) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-25] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-25] (Windows (R) Server 2003 DDK provider) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-01] () S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-01] () R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-02-18] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 LGBusEnum; system32\drivers\LGBusEnum.sys [x] S3 LGVirHid; system32\drivers\LGVirHid.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-25 17:20 - 2013-09-25 17:20 - 01955802 _____ (Farbar) C:\Users\Ronny Peterson\Desktop\FRST64.exe 2013-09-25 17:20 - 2013-09-25 17:20 - 00000000 ____D C:\FRST 2013-09-25 06:35 - 2013-09-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-24 17:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-23 20:45 - 2013-09-23 20:45 - 00000040 _____ C:\Autoconfig.ini 2013-09-23 20:44 - 2013-06-01 07:13 - 01571160 ____N C:\Windows\TotalUninstaller.exe 2013-09-23 20:44 - 2013-05-10 11:48 - 00162136 _____ C:\Windows\system32\spe__ci.exe 2013-09-23 20:44 - 2012-11-17 10:28 - 00000357 _____ C:\Windows\system32\spe__l.smt 2013-09-23 20:44 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\system32\spe__l.dll 2013-09-23 20:44 - 2010-10-20 10:46 - 00089600 _____ (SS) C:\Windows\system32\spe__ci.dll 2013-09-23 20:43 - 2013-09-23 20:43 - 00000000 ____D C:\Windows\twain_64 2013-09-23 20:43 - 2010-10-06 11:04 - 00142128 _____ C:\Windows\wiainst64.exe 2013-09-23 20:42 - 2010-05-20 14:08 - 00280064 _____ (Samsung Electronics) C:\Windows\system32\snWIAMUI.dll 2013-09-23 20:42 - 2010-04-20 17:20 - 00084592 _____ C:\Windows\system32\WIAEXSTR.loc 2013-09-23 20:42 - 2010-01-19 12:58 - 00160272 _____ (TWAIN Working Group) C:\Windows\system32\TWAINDSM.dll 2013-09-23 20:42 - 2010-01-19 12:57 - 00143896 _____ (TWAIN Working Group) C:\Windows\SysWOW64\TWAINDSM.dll 2013-09-23 20:41 - 2010-10-21 13:46 - 00207872 _____ C:\Windows\system32\SNWIAUI.dll 2013-09-23 20:41 - 2010-10-21 10:22 - 00709632 _____ C:\Windows\system32\SnMinDrv.dll 2013-09-23 20:41 - 2010-10-21 10:22 - 00163840 _____ C:\Windows\system32\SnImgFlt.dll 2013-09-23 20:41 - 2010-10-21 10:22 - 00103424 _____ C:\Windows\system32\SnErHdlr.dll 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\Program Files\Hewlett-Packard 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\cpqsystem 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\2C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C04 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0816 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0804 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0424 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041F 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0419 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0416 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0415 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0414 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0413 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0412 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0411 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0410 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040C 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0409 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0408 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0406 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0405 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0404 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0401 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics 2013-09-23 20:28 - 2013-09-24 17:36 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Windows Net Data 2013-09-23 20:28 - 2013-09-23 20:28 - 00004146 _____ C:\Windows\System32\Tasks\FreeDriverScout 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater 2013-09-23 20:26 - 2013-09-25 16:51 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-09-23 20:26 - 2013-09-25 16:50 - 00004094 _____ C:\Windows\System32\Tasks\Software Updater Ui 2013-09-23 20:26 - 2013-09-25 16:50 - 00004056 _____ C:\Windows\System32\Tasks\Software Updater 2013-09-23 20:26 - 2013-09-23 20:26 - 00000000 ____D C:\Program Files\Covus Freemium 2013-09-23 20:25 - 2013-09-23 20:25 - 00000000 ____D C:\Program Files (x86)\Web Check 2013-09-23 20:22 - 2013-09-23 20:24 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\DownloadGuide 2013-09-23 20:17 - 2013-09-23 20:27 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\DriverTurbo 2013-09-23 20:17 - 2013-09-23 20:27 - 00000000 ____D C:\Program Files (x86)\DriverTurbo 2013-09-23 20:17 - 2013-09-23 20:17 - 00345324 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistMSI3DFB.txt 2013-09-23 20:17 - 2013-09-23 20:17 - 00012810 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistUI3DFB.txt 2013-09-19 18:03 - 2013-09-20 04:38 - 98443620 _____ C:\Windows\SysWOW64\煾뻬Ñ 2013-09-17 18:07 - 2013-09-20 19:48 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Guild Wars 2 2013-09-15 14:39 - 2013-09-15 14:39 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\GW2Stuff 2013-09-15 14:37 - 2013-06-04 20:05 - 00000000 ____D C:\Users\Ronny Peterson\Desktop\Source 2013-09-15 14:37 - 2013-06-04 19:40 - 00300544 _____ C:\Users\Ronny Peterson\Desktop\GW2Stuff.exe 2013-09-14 16:43 - 2013-09-14 16:43 - 00276056 _____ C:\Windows\Minidump\Mini091413-01.dmp 2013-09-13 20:15 - 2013-09-13 20:15 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\Overwolf 2013-09-13 17:26 - 2013-09-14 15:00 - 97542592 _____ C:\Windows\SysWOW64\䍏쭢뻬É 2013-09-13 05:20 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 05:20 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 05:20 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 05:20 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 05:20 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 05:20 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-09-13 05:20 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-09-13 05:20 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 05:20 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-09-13 05:20 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 05:20 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-09-13 05:20 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 05:20 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 05:20 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-09-13 05:20 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 05:20 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 05:20 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 05:20 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 05:20 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 05:20 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 05:20 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-09-13 05:20 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 05:20 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-09-13 05:20 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-13 05:20 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 05:20 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-09-13 05:20 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-09-13 05:20 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 05:20 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 05:20 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 05:20 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-09-13 05:20 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 04:47 - 2013-08-08 04:03 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-13 04:47 - 2013-07-16 11:25 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2013-09-13 04:47 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2013-09-04 20:49 - 2013-09-18 20:52 - 00013005 _____ C:\Users\Ronny Peterson\Desktop\Klasse 1b.xlsx 2013-08-28 17:57 - 2013-08-02 16:06 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-28 17:57 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL ==================== One Month Modified Files and Folders ======= 2013-09-25 17:20 - 2013-09-25 17:20 - 01955802 _____ (Farbar) C:\Users\Ronny Peterson\Desktop\FRST64.exe 2013-09-25 17:20 - 2013-09-25 17:20 - 00000000 ____D C:\FRST 2013-09-25 17:20 - 2012-04-28 09:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-25 16:52 - 2008-01-21 03:53 - 01491361 _____ C:\Windows\WindowsUpdate.log 2013-09-25 16:51 - 2013-09-23 20:26 - 00000000 ____D C:\Program Files\SoftwareUpdater 2013-09-25 16:50 - 2013-09-23 20:26 - 00004094 _____ C:\Windows\System32\Tasks\Software Updater Ui 2013-09-25 16:50 - 2013-09-23 20:26 - 00004056 _____ C:\Windows\System32\Tasks\Software Updater 2013-09-25 16:49 - 2013-09-25 06:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4 2013-09-25 16:48 - 2006-11-02 17:06 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-09-25 16:48 - 2006-11-02 17:06 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-09-25 16:47 - 2011-11-09 18:58 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-25 16:47 - 2011-05-11 17:16 - 00000144 _____ C:\service.log 2013-09-25 16:46 - 2011-05-11 17:31 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2013-09-25 16:46 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-25 16:46 - 2006-11-02 17:21 - 00004176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-25 16:46 - 2006-11-02 17:21 - 00004176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-25 16:42 - 2006-11-02 17:40 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-25 15:33 - 2011-12-18 11:30 - 00001156 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA.job 2013-09-25 08:33 - 2011-12-18 11:30 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core.job 2013-09-24 20:33 - 2006-11-02 17:39 - 01567978 _____ C:\Windows\PFRO.log 2013-09-24 19:51 - 2011-10-02 15:08 - 00000000 ____D C:\Program Files (x86)\Visions 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-24 17:44 - 2012-04-18 16:38 - 00003754 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A34D45CD-1E54-4F67-B2A7-A424BB42D55D} 2013-09-24 17:36 - 2013-09-23 20:28 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Windows Net Data 2013-09-23 20:52 - 2012-06-30 14:10 - 00000668 _____ C:\Windows\Cmicnfg3.ini.imi 2013-09-23 20:45 - 2013-09-23 20:45 - 00000040 _____ C:\Autoconfig.ini 2013-09-23 20:45 - 2011-06-21 20:43 - 00000000 ____D C:\ProgramData\Samsung 2013-09-23 20:45 - 2011-06-21 20:43 - 00000000 ____D C:\ProgramData\Samsung 2013-09-23 20:45 - 2011-05-11 17:10 - 00000000 ____D C:\Users\Ronny Peterson 2013-09-23 20:44 - 2011-06-21 20:42 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-09-23 20:43 - 2013-09-23 20:43 - 00000000 ____D C:\Windows\twain_64 2013-09-23 20:40 - 2012-06-30 14:11 - 00000460 _____ C:\Windows\Cmicnfg3.ini.cfl 2013-09-23 20:40 - 2012-06-30 14:11 - 00000116 _____ C:\Windows\system\Dlap.pfx 2013-09-23 20:40 - 2008-12-09 15:54 - 00000589 _____ C:\Windows\system\Cmicnfg3.ini 2013-09-23 20:40 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\system 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\Program Files\Hewlett-Packard 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\cpqsystem 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\2C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C04 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0816 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0804 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0424 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041F 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0419 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0416 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0415 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0414 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0413 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0412 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0411 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0410 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040C 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0409 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0408 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0406 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0405 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0404 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0401 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics 2013-09-23 20:36 - 2011-05-11 17:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-23 20:36 - 2008-01-21 12:42 - 00000000 ____D C:\Windows\system32\0407 2013-09-23 20:28 - 2013-09-23 20:28 - 00004146 _____ C:\Windows\System32\Tasks\FreeDriverScout 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater 2013-09-23 20:28 - 2011-05-11 17:11 - 00000000 ___RD C:\Users\Ronny Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-23 20:27 - 2013-09-23 20:17 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\DriverTurbo 2013-09-23 20:27 - 2013-09-23 20:17 - 00000000 ____D C:\Program Files (x86)\DriverTurbo 2013-09-23 20:26 - 2013-09-23 20:26 - 00000000 ____D C:\Program Files\Covus Freemium 2013-09-23 20:25 - 2013-09-23 20:25 - 00000000 ____D C:\Program Files (x86)\Web Check 2013-09-23 20:24 - 2013-09-23 20:22 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\DownloadGuide 2013-09-23 20:21 - 2011-05-14 18:25 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\UseNeXT 2013-09-23 20:17 - 2013-09-23 20:17 - 00345324 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistMSI3DFB.txt 2013-09-23 20:17 - 2013-09-23 20:17 - 00012810 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistUI3DFB.txt 2013-09-22 21:34 - 2011-05-11 19:31 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\TS3Client 2013-09-21 22:16 - 2011-05-11 18:50 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\HLSW 2013-09-21 21:33 - 2011-05-11 20:16 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-09-21 21:33 - 2011-05-11 19:11 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-09-21 21:33 - 2011-05-11 19:11 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-09-21 18:57 - 2011-08-04 10:31 - 00000000 ____D C:\Program Files (x86)\GUILD WARS 2013-09-20 19:48 - 2013-09-17 18:07 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Guild Wars 2 2013-09-20 19:41 - 2008-01-21 12:47 - 01445460 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-20 19:41 - 2008-01-21 12:46 - 00628668 _____ C:\Windows\system32\perfh007.dat 2013-09-20 19:41 - 2008-01-21 12:46 - 00126474 _____ C:\Windows\system32\perfc007.dat 2013-09-20 18:13 - 2012-09-06 11:14 - 00037066 _____ C:\Users\Ronny Peterson\Desktop\Berufe GW2.xlsx 2013-09-20 04:38 - 2013-09-19 18:03 - 98443620 _____ C:\Windows\SysWOW64\煾뻬Ñ 2013-09-19 19:20 - 2012-04-28 09:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-19 19:20 - 2012-04-28 09:33 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-19 19:20 - 2011-05-14 19:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-18 20:52 - 2013-09-04 20:49 - 00013005 _____ C:\Users\Ronny Peterson\Desktop\Klasse 1b.xlsx 2013-09-15 14:39 - 2013-09-15 14:39 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\GW2Stuff 2013-09-15 11:34 - 2006-11-02 17:26 - 00152981 _____ C:\Windows\setupact.log 2013-09-14 16:43 - 2013-09-14 16:43 - 00276056 _____ C:\Windows\Minidump\Mini091413-01.dmp 2013-09-14 16:43 - 2011-05-18 20:21 - 00000000 ____D C:\Windows\Minidump 2013-09-14 16:43 - 2011-05-18 20:19 - 928170318 _____ C:\Windows\MEMORY.DMP 2013-09-14 15:00 - 2013-09-13 17:26 - 97542592 _____ C:\Windows\SysWOW64\䍏쭢뻬É 2013-09-13 20:15 - 2013-09-13 20:15 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\Overwolf 2013-09-13 20:14 - 2011-05-11 19:23 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-09-13 17:24 - 2006-11-02 17:21 - 00306800 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 05:23 - 2013-07-28 07:26 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 05:22 - 2012-07-31 17:27 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-13 05:22 - 2012-07-31 17:27 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-13 05:22 - 2006-11-02 14:35 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-09-12 17:22 - 2012-06-21 18:18 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2 2013-09-11 20:28 - 2013-04-27 20:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-09-11 19:59 - 2012-01-21 09:53 - 00000000 ____D C:\Program Files (x86)\MyFree Codec 2013-09-11 19:58 - 2013-02-02 17:00 - 00000000 ____D C:\Program Files (x86)\RocketDock 2013-09-11 19:51 - 2013-08-23 04:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-11 19:51 - 2013-08-23 04:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-11 19:51 - 2013-07-05 21:21 - 00000000 ____D C:\ProgramData\Apple Computer 2013-09-11 19:51 - 2013-07-05 21:21 - 00000000 ____D C:\ProgramData\Apple Computer 2013-09-11 19:45 - 2012-12-16 21:21 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\Conduit 2013-09-11 19:45 - 2011-07-16 20:16 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\DVDVideoSoft 2013-09-11 19:43 - 2013-07-05 21:18 - 00000000 ____D C:\ProgramData\Apple 2013-09-11 19:43 - 2013-07-05 21:18 - 00000000 ____D C:\ProgramData\Apple 2013-09-05 17:01 - 2013-03-27 18:25 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-05 17:01 - 2013-03-27 18:25 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys Some content of TEMP: ==================== C:\Users\Ronny Peterson\AppData\Local\Temp\Execute2App.exe C:\Users\Ronny Peterson\AppData\Local\Temp\msvcp90.dll C:\Users\Ronny Peterson\AppData\Local\Temp\msvcr90.dll C:\Users\Ronny Peterson\AppData\Local\Temp\ose00000.exe C:\Users\Ronny Peterson\AppData\Local\Temp\SAV2RemoveAll.exe C:\Users\Ronny Peterson\AppData\Local\Temp\tbDVDV.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-25 16:54 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2013
Ran by Ronny Peterson at 2013-09-25 17:21:40
Running from C:\Users\Ronny Peterson\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
@BIOS (x32 Version: 2.08)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
ATI AVIVO64 Codecs (Version: 11.6.0.50930)
ATI Problem Report Wizard (Version: 3.0.795.0)
ATITool Overclocking Utility (x32 Version: 0.26)
Aureon 5.1 PCI
AutoGreen B10.0517.1 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
BioShock Infinite (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Diablo III (x32 Version: 1.0.8.16603)
DVB-T USB BDA Driver (x32)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1 (x32 Version: 1.00.0000)
erLT (x32 Version: 1.20.0137)
ESL Wire 1.15.3
Forsaken World (x32)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
Google Chrome (HKCU Version: 29.0.1547.76)
GUILD WARS (x32)
Guild Wars 2 (x32)
GuildWars Visions v1.08 (x32)
HLSW v1.4.0.2 (x32)
HydraVision (x32 Version: 4.2.180.0)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 25 (64-bit) (Version: 6.0.250)
Java(TM) 7 Update 4 (64-bit) (Version: 7.0.40)
League of Legends (x32 Version: 1.3)
Logitech SetPoint 5.20 (Version: 5.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
maxdome - Online Videothek (Version: 1.0)
maxdome Download Manager 4.1.300.78 (x32 Version: 4.1.30078)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (x32 Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 7 Premium (x32 Version: 7.02.9755)
neroxml (x32 Version: 1.0.0)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
OutlookAddInNet3Setup (x32 Version: 1.0.0)
PDFCreator (x32 Version: 1.0.1)
Realtek Ethernet Controller Driver For Windows Vista (x32 Version: 6.236.322.2010)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0)
Saitek Cyborg Keyboard Volume 6.2.1.3 (Version: 6.2.1.3)
Samsung CLX-3170 Series (x32)
Samsung Kies (x32 Version: 2.1.1.11124_17)
Samsung Universal Print Driver 2 (x32 Version: 2.50.03.00)
Samsung Universal Scan Driver (x32 Version: 1.2.5.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Segoe UI (x32 Version: 15.4.2271.0615)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Smart Technology Programming Software 7.0.27.13 (Version: 7.0.27.13)
SmarThru 4 (x32)
SmarThru PC Fax (x32)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.12)
TeamViewer 8 (x32 Version: 8.0.17396)
Tomb Raider (x32)
Ultimate Extras sounds from Microsoft® Tinker™
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (x32 Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
UseNeXT by Tangysoft (x32)
User's Guides (Version: 1.20.0000)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Web Check (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Utils (x32)
Windows-Soundschemas
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
==================== Restore Points =========================
06-09-2013 16:49:51 Windows Update
10-09-2013 16:06:29 Windows Update
11-09-2013 17:36:56 Removed Apple Application Support
11-09-2013 17:39:06 Removed Apple Mobile Device Support
11-09-2013 17:40:56 Removed Apple Software Update
11-09-2013 17:42:22 Removed Bonjour
11-09-2013 17:48:08 Removed iTunes
11-09-2013 17:56:01 Removed pdfforge Toolbar v7.6.
11-09-2013 17:59:33 Entfernt InstallShield Wiederherstellungspunkt
13-09-2013 03:13:53 Windows Update
14-09-2013 01:00:28 Windows Update
17-09-2013 15:00:58 Windows Update
23-09-2013 18:24:28 Free Driver Scout
23-09-2013 18:33:10 DriverUtilities
23-09-2013 18:35:42 Installiert Renesas Electronics USB 3.0 Host Controller Driver
23-09-2013 18:36:46 Gerätetreiber-Paketinstallation: Hewlett-Packard Company Systemgeräte
23-09-2013 18:38:19 Installiert Renesas Electronics USB 3.0 Host Controller Driver
23-09-2013 18:39:50 Gerätetreiber-Paketinstallation: Realtek Netzwerkadapter
23-09-2013 18:40:20 Gerätetreiber-Paketinstallation: C-Media Electronics Inc. Audio-, Video- und Gamecontroller
23-09-2013 18:42:25 Gerätetreiber-Paketinstallation: Samsung Bildverarbeitungsgeräte
23-09-2013 18:44:55 Gerätetreiber-Paketinstallation: Samsung Drucker
24-09-2013 15:41:03 Free Driver Scout
24-09-2013 15:43:09 Free Driver Scout
24-09-2013 20:38:11 Windows Update
25-09-2013 10:58:36 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {055A0F92-C9FA-445F-B6F2-E7BC676707A6} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe
Task: {1BDB16F8-BA59-4E5B-8B0D-DEF87FAD2636} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {1C195172-244A-484D-9A7A-7F64B25E2092} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {22FB39C3-BC66-4CEF-84EA-2EC0C580D999} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {2895AB63-E83E-4E3C-8736-518487C807D3} - System32\Tasks\User_Feed_Synchronization-{A34D45CD-1E54-4F67-B2A7-A424BB42D55D} => C:\Windows\system32\msfeedssync.exe [2012-04-18] (Microsoft Corporation)
Task: {5A07C22F-469C-443B-8375-0736C3C9557D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {7168F3E5-8F53-4066-8C8C-96A3A2837C66} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-08-16] ()
Task: {893AA01D-582D-44E9-A7A0-D1F978562DE2} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-09-23] ()
Task: {8B8827FF-32FB-4155-A82A-006970C5E8BF} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {DDE8ACE0-CDA6-4ED5-B177-C6880B60600B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core.job => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA.job => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-09-30 22:26 - 2010-09-30 22:26 - 00233472 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
2010-09-29 03:13 - 2012-12-19 21:30 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2013-04-16 18:18 - 2013-04-16 18:18 - 00099840 _____ (Saitek) C:\Program Files\SmartTechnology\Software\ManuExtensionDLLs\AppLaunchEventDll.dll
2008-01-21 04:50 - 2008-01-21 04:50 - 00382464 _____ (Microsoft Corporation) C:\Windows\eHome\ehProxy.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00037376 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.ImplementationNet4.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-08-14 18:14 - 2013-07-09 14:04 - 01168088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-12-12 05:26 - 2012-09-28 18:13 - 00860160 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2011-05-15 12:41 - 2009-04-11 08:26 - 00648704 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2011-05-15 12:41 - 2009-04-11 08:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2013-08-14 18:14 - 2013-07-10 11:47 - 00677888 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-07-11 22:41 - 2012-06-02 02:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\syswow64\Secur32.dll
2012-04-17 08:37 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2012-04-17 08:34 - 2012-02-29 17:09 - 00157696 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2013-08-14 18:14 - 2013-07-08 06:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcWow64.DLL
2011-05-15 12:39 - 2009-04-11 08:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VERSION.dll
2012-07-11 22:41 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2013-01-10 05:10 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2011-05-12 04:57 - 2010-06-28 19:00 - 01316864 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2012-04-17 08:35 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\USERENV.dll
2012-04-17 08:36 - 2011-01-20 18:07 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSPOOL.DRV
2011-05-15 12:40 - 2009-04-11 08:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPR.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2011-05-12 04:52 - 2009-04-11 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.DLL
2011-05-12 04:52 - 2010-04-16 18:46 - 00502272 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2012-06-30 14:11 - 2009-09-07 16:18 - 08151040 _____ (C-Media Corporation) C:\Windows\Syswow64\CMICNFG3.dll
2012-04-17 08:35 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINMM.dll
2012-04-17 08:35 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OLEACC.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\syswow64\comdlg32.dll
2008-01-21 04:50 - 2008-01-21 04:50 - 00234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-08-14 18:14 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINTRUST.dll
2013-08-14 18:14 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CRYPT32.dll
2011-05-12 04:53 - 2009-09-04 13:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSASN1.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POWRPROF.dll
2008-01-21 04:48 - 2008-01-21 04:48 - 00523776 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2011-05-15 12:40 - 2009-04-11 08:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOSES.DLL
2011-05-15 12:40 - 2009-04-11 08:28 - 00396800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audioeng.dll
2006-11-02 14:13 - 2006-11-02 11:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2008-01-21 04:49 - 2008-01-21 04:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AVRT.dll
2010-09-30 22:26 - 2010-09-30 22:26 - 00208896 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00179200 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00008192 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2007-07-02 15:02 - 2007-07-02 15:02 - 03073320 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\AdvrCntr2.dll
2013-09-13 05:20 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2006-11-02 14:17 - 2006-11-02 10:33 - 00002560 _____ (Microsoft Corporation) C:\Windows\syswow64\Normaliz.dll
2013-09-13 05:20 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2013-09-13 05:20 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00059176 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingServicePS.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00020776 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll
2007-06-27 19:03 - 2007-06-27 19:03 - 02749736 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMDataServices.dll
2006-11-02 14:13 - 2006-11-02 11:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\syswow64\psapi.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2013-03-12 18:10 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2011-11-09 19:04 - 2013-09-21 20:35 - 01121192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.dll
2011-11-09 19:04 - 2013-09-11 00:20 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-16 11:52 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-16 11:52 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-16 11:52 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2008-01-21 04:50 - 2008-01-21 04:50 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWow64\ACTXPRXY.DLL
2008-01-21 04:46 - 2008-01-21 04:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2012-12-12 05:26 - 2012-09-28 18:13 - 00860160 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNEL32.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00307200 _____ ( MarkAny.) C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
2012-07-11 22:41 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00167312 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentDialogs.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00053128 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModels.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00120712 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GlobalUtil.dll
2011-12-23 21:59 - 2013-07-23 02:45 - 01048976 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 01618312 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00106496 _____ (TODO: <Company name>) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2013-01-29 19:32 - 2013-07-23 02:45 - 03341208 _____ (Codejock Software) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll
2010-09-30 22:26 - 2010-09-30 22:26 - 00094208 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDeu.dll
2011-05-15 12:41 - 2009-04-11 08:26 - 00648704 _____ (Microsoft Corporation) C:\Windows\syswow64\user32.dll
2012-04-17 08:35 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\syswow64\oleaut32.dll
2012-07-11 22:41 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\syswow64\shell32.dll
2013-09-13 05:20 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00179200 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.DLL
2009-06-27 10:11 - 2009-06-27 10:11 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2009-10-15 14:06 - 2009-10-15 14:06 - 00170216 _____ (DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\plugins\ZyngaGames\ZyngaGames.dll
2011-07-13 20:58 - 2008-06-26 04:45 - 00155648 _____ () C:\Windows\twain_32\Samsung\CLX3170\IMFilter.dll
2011-07-13 20:58 - 2008-06-26 04:46 - 01384520 _____ () C:\Windows\twain_32\Samsung\CLX3170\ssole.dll
2011-07-13 20:58 - 2008-06-26 04:46 - 00081920 _____ (Samsung Electronics) C:\Windows\twain_32\Samsung\CLX3170\scantopc.dll
2011-07-13 20:58 - 2008-06-26 04:45 - 00367104 _____ () C:\Windows\twain_32\Samsung\CLX3170\NetModule.dll
2011-12-28 00:19 - 2013-07-26 14:41 - 00250368 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2011-09-16 14:39 - 2011-09-16 14:39 - 00098664 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00320808 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMSQLDB.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00070952 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMLogCxx.dll
2007-06-27 19:02 - 2007-06-27 19:02 - 00742696 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\log4cxx.dll
2007-06-27 19:03 - 2007-06-27 19:03 - 00541992 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMCoFoundation.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00107816 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMPluginBase.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00181544 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMFullTextExtraction.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00181544 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMSearchPluginSimilarImages.dll
2007-06-28 19:16 - 2007-06-28 19:16 - 03376424 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NeroIPP.dll
2013-09-25 06:35 - 2013-09-25 06:35 - 03360152 _____ () C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\mozjs.dll
2011-05-15 12:40 - 2009-04-11 08:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\syswow64\IMM32.dll
2013-09-10 19:20 - 2013-09-10 19:20 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\[verify-U] => ""="Service"
==================== Faulty Device Manager Devices =============
Name: ATITool Driver
Description: ATITool Driver
Class Guid: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Manufacturer: W1zzard
Service: ATITool
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/25/2013 04:49:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (09/25/2013 04:49:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (09/25/2013 04:47:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/25/2013 04:46:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (09/25/2013 04:46:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (09/25/2013 04:46:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifest.
Error: (09/25/2013 07:43:58 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 0000000000000394,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])". hr = 0x8007045d.
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/25/2013 07:40:36 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 00000000000003D4,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])". hr = 0x8007045d.
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/25/2013 07:36:25 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 00000000000003BC,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])". hr = 0x8007045d.
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/25/2013 07:32:16 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 00000000000001EC,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])". hr = 0x8007045d.
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
System errors:
=============
Error: (09/25/2013 04:47:54 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20
Error: (09/25/2013 04:47:36 PM) (Source: Service Control Manager) (User: )
Description: [verify-U]_System
Error: (09/25/2013 04:47:31 PM) (Source: Service Control Manager) (User: )
Description: DgiVecp%%20
Error: (09/25/2013 04:47:31 PM) (Source: Service Control Manager) (User: )
Description: AODDriver4.2%%2
Error: (09/25/2013 01:13:17 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (09/25/2013 01:11:42 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (09/25/2013 01:10:02 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (09/25/2013 01:07:57 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (09/25/2013 01:05:54 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (09/25/2013 01:03:09 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Microsoft Office Sessions:
=========================
Error: (09/25/2013 04:49:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifestC:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifestC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Error: (09/25/2013 04:49:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifestC:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifestC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Error: (09/25/2013 04:47:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/25/2013 04:46:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifestC:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifestC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Error: (09/25/2013 04:46:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifestC:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifestC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Error: (09/25/2013 04:46:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.manifestC:\Windows\WinSxS\manifests\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.manifestC:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Error: (09/25/2013 07:43:58 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 0000000000000394,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])0x8007045d
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/25/2013 07:40:36 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 00000000000003D4,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])0x8007045d
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/25/2013 07:36:25 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 00000000000003BC,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])0x8007045d
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (09/25/2013 07:32:16 AM) (Source: VSS)(User: )
Description: DeviceIoControl(\\?\Volume{d6a611c3-7bed-11e0-9558-806e6f6e6963} - 00000000000001EC,0x0053c06c,000000000080C2C0,0,000000000080B2B0,4096,[0])0x8007045d
Vorgang:
Ein Vergleichsbereichvolume wird automatisch ausgewählt
EndPrepareSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
CodeIntegrity Errors:
===================================
Date: 2013-09-25 16:46:07.694
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-25 16:46:07.541
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-25 16:45:50.274
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-25 16:45:50.102
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-24 21:36:09.244
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-24 21:36:09.079
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-24 21:36:08.917
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-24 21:36:08.744
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-24 21:36:08.587
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-09-24 21:36:08.430
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 24%
Total physical RAM: 12284.63 MB
Available physical RAM: 9257.68 MB
Total Pagefile: 24501.78 MB
Available Pagefile: 21267.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.25 GB) (Free:28.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:458.59 GB) (Free:416.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 36127A51)
Partition 1: (Not Active) - (Size=9 GB) - (Type=27)
Partition 2: (Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
25.09.2013, 18:22
| #5 |
| /// TB-Ausbilder | www_getwindowinfo Servus, Schritt 1 Scan mit Combofix
Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte poste mit deiner nächsten Antwort
|
|
26.09.2013, 03:53
| #6 |
| | www_getwindowinfo Guten morgen, hier als erstes der Log von Combofix. ADWCleaner Log kann ich dir leider nicht senden, der hängt sich immer nach kurzer zeit auf.Habe ihn extra die Nacht durchlaufen lassen. JRT habe ich noch nicht durchlaufen lassen, da ich nicht weiß ob die sachen aufeinander aufbauen. Starte den PC heut nachmittag neu und versuche es dann nochmal. Code:
ATTFilter ComboFix 13-09-24.02 - Ronny Peterson 25.09.2013 19:39:18.1.6 - x64
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.49.1031.18.12285.9608 [GMT 2:00]
ausgeführt von:: c:\users\Ronny Peterson\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Web Check\WeBCheck.dll
c:\users\Ronny Peterson\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-08-25 bis 2013-09-25 ))))))))))))))))))))))))))))))
.
.
2013-09-25 15:20 . 2013-09-25 15:20 -------- d-----w- C:\FRST
2013-09-25 04:35 . 2013-09-25 14:49 -------- d-----w- c:\program files (x86)\Mozilla Firefox 4.0 Beta 4
2013-09-24 20:40 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A0DE22F-B760-4DEB-BE7A-749AF8F7B37F}\mpengine.dll
2013-09-24 15:51 . 2013-09-24 15:51 -------- d-----w- c:\users\Ronny Peterson\AppData\Roaming\Malwarebytes
2013-09-24 15:51 . 2013-09-24 15:51 -------- d-----w- c:\programdata\Malwarebytes
2013-09-24 15:51 . 2013-09-24 15:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-24 15:51 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-23 18:45 . 2013-02-05 02:28 41984 ----a-w- c:\windows\system32\Spool\prtprocs\x64\spe__pc.dll
2013-09-23 18:44 . 2013-06-01 05:13 1571160 ------w- c:\windows\TotalUninstaller.exe
2013-09-23 18:44 . 2013-05-10 09:48 162136 ----a-w- c:\windows\system32\spe__ci.exe
2013-09-23 18:44 . 2011-04-11 05:26 34304 ----a-w- c:\windows\system32\spe__l.dll
2013-09-23 18:44 . 2010-10-20 08:46 89600 ----a-w- c:\windows\system32\spe__ci.dll
2013-09-23 18:43 . 2010-10-06 09:04 142128 ----a-w- c:\windows\wiainst64.exe
2013-09-23 18:43 . 2013-09-23 18:43 -------- d-----w- c:\windows\twain_64
2013-09-23 18:42 . 2010-05-20 12:08 280064 ----a-w- c:\windows\system32\snWIAMUI.dll
2013-09-23 18:42 . 2010-01-19 10:58 160272 ----a-w- c:\windows\system32\TWAINDSM.dll
2013-09-23 18:42 . 2010-01-19 10:57 143896 ----a-w- c:\windows\SysWow64\TWAINDSM.dll
2013-09-23 18:41 . 2010-10-21 11:46 207872 ----a-w- c:\windows\system32\SNWIAUI.dll
2013-09-23 18:41 . 2010-10-21 08:22 709632 ----a-w- c:\windows\system32\SnMinDrv.dll
2013-09-23 18:41 . 2010-10-21 08:22 163840 ----a-w- c:\windows\system32\SnImgFlt.dll
2013-09-23 18:41 . 2010-10-21 08:22 103424 ----a-w- c:\windows\system32\SnErHdlr.dll
2013-09-23 18:37 . 2013-09-23 18:37 -------- d-----w- c:\program files\Hewlett-Packard
2013-09-23 18:37 . 2013-09-23 18:37 -------- d-----w- C:\cpqsystem
2013-09-23 18:28 . 2013-09-23 18:28 -------- d-----w- c:\programdata\FreeDriverScout
2013-09-23 18:28 . 2013-09-23 18:28 -------- d-----w- c:\program files (x86)\SoftwareUpdater
2013-09-23 18:28 . 2013-09-24 15:36 -------- d-----w- c:\users\Ronny Peterson\AppData\Roaming\Windows Net Data
2013-09-23 18:26 . 2013-09-25 14:51 -------- d-----w- c:\program files\SoftwareUpdater
2013-09-23 18:26 . 2013-09-23 18:26 -------- d-----w- c:\program files\Covus Freemium
2013-09-23 18:25 . 2013-09-25 17:47 -------- d-----w- c:\program files (x86)\Web Check
2013-09-23 18:22 . 2013-09-23 18:24 -------- d-----w- c:\users\Ronny Peterson\AppData\Local\DownloadGuide
2013-09-23 18:17 . 2013-09-23 18:27 -------- d-----w- c:\program files (x86)\DriverTurbo
2013-09-23 18:17 . 2013-09-23 18:27 -------- d-----w- c:\users\Ronny Peterson\AppData\Roaming\DriverTurbo
2013-09-17 16:07 . 2013-09-20 17:48 -------- d-----w- c:\users\Ronny Peterson\AppData\Roaming\Guild Wars 2
2013-09-15 12:39 . 2013-09-15 12:39 -------- d-----w- c:\users\Ronny Peterson\AppData\Local\GW2Stuff
2013-09-13 18:15 . 2013-09-13 18:15 -------- d-----w- c:\users\Ronny Peterson\AppData\Local\Overwolf
2013-09-13 02:47 . 2013-08-08 02:03 2775552 ----a-w- c:\windows\system32\win32k.sys
2013-09-13 02:47 . 2013-07-16 09:25 689152 ----a-w- c:\windows\system32\themeui.dll
2013-09-13 02:47 . 2013-07-16 04:35 615936 ----a-w- c:\windows\SysWow64\themeui.dll
2013-08-28 15:57 . 2013-08-02 14:06 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-28 15:57 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-25 14:46 . 2011-05-11 15:31 25640 ----a-w- c:\windows\gdrv.sys
2013-09-21 19:33 . 2011-05-11 18:16 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-09-21 19:33 . 2011-05-11 17:11 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-09-21 19:33 . 2011-05-11 17:11 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-09-19 17:20 . 2012-04-28 07:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-19 17:20 . 2011-05-14 17:02 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-13 03:22 . 2006-11-02 12:35 79143768 ----a-w- c:\windows\system32\mrt.exe
2013-09-05 15:01 . 2013-03-27 16:25 132088 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-05 15:01 . 2013-03-27 16:25 105344 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-08-07 02:22 . 2011-05-12 02:32 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-07-17 20:01 . 2013-08-14 16:13 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-17 19:41 . 2013-08-14 16:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-10 09:47 . 2013-08-14 16:14 677888 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-10 09:42 . 2013-08-14 16:14 1303552 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:04 . 2013-08-14 16:14 1168088 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-07-09 12:04 . 2013-08-14 16:14 1585256 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:51 . 2013-08-14 16:14 4691904 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:20 . 2013-08-14 16:14 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-07-08 04:20 . 2013-08-14 16:14 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-08 04:18 . 2013-08-14 16:14 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-07-08 04:16 . 2013-08-14 16:14 98304 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 16:14 133120 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 16:14 992768 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-08 04:16 . 2013-08-14 16:14 43008 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-08 04:15 . 2013-08-14 16:14 234496 ----a-w- c:\windows\system32\wow64.dll
2013-07-08 04:15 . 2013-08-14 16:14 218624 ----a-w- c:\windows\system32\wintrust.dll
2013-07-08 04:14 . 2013-08-14 16:14 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-07-08 04:12 . 2013-08-14 16:14 174592 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-08 04:12 . 2013-08-14 16:14 132096 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-08 04:12 . 2013-08-14 16:14 1276416 ----a-w- c:\windows\system32\crypt32.dll
2013-07-08 01:39 . 2013-08-14 16:14 26112 ----a-w- c:\windows\SysWow64\setup16.exe
2013-07-08 01:39 . 2013-08-14 16:14 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-07-08 01:39 . 2013-08-14 16:14 2560 ----a-w- c:\windows\SysWow64\user.exe
2013-07-05 04:45 . 2013-08-14 16:14 1423808 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-28 12:21 . 2011-08-25 08:10 168864 ----a-w- c:\program files\Common Files\WireHelpSvc.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-09-21 1814440]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-07-26 844656]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-02-27 552960]
"3170 Scan2PC"="c:\windows\twain_32\Samsung\CLX3170\Scan2Pc.exe" [2009-01-30 503808]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-09-05 347192]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
.
c:\users\Ronny Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
net.lnk - c:\users\Ronny Peterson\AppData\Roaming\Windows Net Data\net.exe [2013-9-23 709120]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
maxdome Download Manager.lnk - c:\program files (x86)\maxdome\DCBin\DCTrayApp.exe /accountId:Prosieben [2009-5-1 88808]
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-28 17:20]
.
2013-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core.job
- c:\users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18 09:30]
.
2013-09-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA.job
- c:\users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18 09:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProfilerU"="c:\program files\SmartTechnology\Software\ProfilerU.exe" [2013-04-16 454144]
"SaiMfd"="c:\program files\SmartTechnology\Software\SaiMfd.exe" [2013-04-16 158208]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-09-07 8151040]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://mystart.incredibar.com/mb201?a=6PQXp1nRZk&i=26
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Client auf Monitor & öffnen1 - c:\windows\web\AOpenClient.htm
IE: Client auf Monitor & öffnen2 - c:\windows\web\AOpenClient.htm
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: SmarThru4 Als HTML speichern - c:\program files (x86)\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Auswahl erfassen - c:\program files (x86)\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Capture Selection - c:\program files (x86)\SmarThru 4\x64\WebCapture.dll2.htm
IE: SmarThru4 Markierten Text speichern - c:\program files (x86)\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Save as HTML - c:\program files (x86)\SmarThru 4\x64\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files (x86)\SmarThru 4\x64\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files (x86)\SmarThru 4\WebCapture.dll
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\
FF - prefs.js: browser.search.selectedEngine - DVDVideoSoftTB DE Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&CUI=UN47969287493718105&UM=&q=
FF - ExtSQL: 2013-08-12 19:48; {52b0f3db-f988-4788-b9dc-861d016f4487}; c:\program files (x86)\Web Check\WebCheck.xpi
FF - ExtSQL: 2013-08-30 20:06; {badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}; c:\users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
FF - ExtSQL: 2013-09-23 20:28; EFGLQA@78ETGYN-0W7FN789T87.COM; c:\users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file)
BHO-{E155F23C-9931-47c6-A619-20E6FCA86D75} - c:\program files (x86)\Web Check\WebCheck.dll
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
Wow6432Node-HKCU-Run-KiesTrayAgent - c:\program files (x86)\Samsung\KiesKiesTrayAgent.exe
Wow6432Node-HKCU-Run-DriverTurbo - c:\program files (x86)\DriverTurbo\DriverTurbo.exe
Wow6432Node-HKLM-Run-TQ566808 - E:\Setup.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
BHO-{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
WebBrowser-{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Prosieben]
"ImagePath"="\"c:\program files (x86)\maxdome\DCBin\DCService.exe\" /accountid:Prosieben"
"ImagePath"="system32\drivers\
[verify-U]-driver.sys"
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\[verify-U]_System]
"ImagePath"="system32\drivers\
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2013-09-25 19:49:38
ComboFix-quarantined-files.txt 2013-09-25 17:49
.
Vor Suchlauf: 14 Verzeichnis(se), 30.026.199.040 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 35.230.965.760 Bytes frei
.
- - End Of File - - 49A89255A6C8EBC87D66AE07DB296EF8
5C616939100B85E558DA92B899A0FC36
|
|
26.09.2013, 16:33
| #7 |
| /// TB-Ausbilder | www_getwindowinfo Servus, dann starte bitte erst JRT und danach AdwCleaner.  |
|
26.09.2013, 16:43
| #8 | |
| | www_getwindowinfo So, jetzt lief ADWCleaner sauber durch und nach dem Neustart wurde auch der IE nichtmehr geöffnet. Hier noch die letzten 2 Logs. ADWCleaner Code:
ATTFilter # AdwCleaner v3.005 - Bericht erstellt am 26/09/2013 um 17:14:57
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
# Benutzername : Ronny Peterson - RONNYPETERSO-PC
# Gestartet von : C:\Users\Ronny Peterson\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : BCUService
***** [ Dateien / Ordner ] *****
[!] Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\Program Files (x86)\Conduit
[!] Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
[!] Ordner Gelöscht : C:\Program Files (x86)\Perion
[!] Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
[!] Ordner Gelöscht : C:\Program Files\SoftwareUpdater
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\Babylon
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\Conduit
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\cre
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\DownloadGuide
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\LocalLow\Conduit
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Roaming\dvdvideosoftiehelpers
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Roaming\Windows Net Data
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
[!] Ordner Gelöscht : C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Ronny Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\searchplugins\dvdvideosofttb-de-customized-web-search.xml
Datei Gelöscht : C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Windows\System32\Tasks\FreeDriverScout
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{638482BC-3092-42DC-AEA1-735264911A77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\IB Updater
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16506
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v25.0 (de)
[ Datei : C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\prefs.js ]
Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1364302987179");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1364302986882");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1364302986933");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.15.0.562_lastUpdate", "1364302987191");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1364302986966");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1364302986996");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1364302986904");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1364302987017");
Zeile gelöscht : user_pref("CT2625848.showToolbarPermission", "false");
Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "26-3-2013");
Zeile gelöscht : user_pref("CT2625848.toolbarLoginClientTime", "Tue Mar 26 2013 14:03:07 GMT+0100");
Zeile gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1364302865897,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "DVDVideoSoftTB DE Customized Web Search");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "DVDVideoSoftTB DE Customized Web Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "DVDVideoSoftTB DE Customized Web Search");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.js", "\n\n /************************************************************************************\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_155.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jquery;if(appAPI.platform==\[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(a){return function(){var [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1414c1452187d29019a2aa0af69db4b5");
Zeile gelöscht : user_pref("extensions.ffxtlbr@incredibar.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.incredibar.admin", false);
Zeile gelöscht : user_pref("extensions.incredibar.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.incredibar.cntry", "DE");
Zeile gelöscht : user_pref("extensions.incredibar.dfltLng", "");
Zeile gelöscht : user_pref("extensions.incredibar.dfltSrch", false);
Zeile gelöscht : user_pref("extensions.incredibar.did", "10643");
Zeile gelöscht : user_pref("extensions.incredibar.envrmnt", "production");
Zeile gelöscht : user_pref("extensions.incredibar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar.hdrMd5", "36165365ACCCB21D2683E0F3D970D63C");
Zeile gelöscht : user_pref("extensions.incredibar.hmpg", false);
Zeile gelöscht : user_pref("extensions.incredibar.id", "ce351a6000000000000000ff01000001");
Zeile gelöscht : user_pref("extensions.incredibar.installerproductid", "26");
Zeile gelöscht : user_pref("extensions.incredibar.instlDay", "15735");
Zeile gelöscht : user_pref("extensions.incredibar.instlRef", "");
Zeile gelöscht : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1420:49:24");
Zeile gelöscht : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
Zeile gelöscht : user_pref("extensions.incredibar.newTab", false);
Zeile gelöscht : user_pref("extensions.incredibar.noFFXTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar.ppd", "1");
Zeile gelöscht : user_pref("extensions.incredibar.prdct", "incredibar");
Zeile gelöscht : user_pref("extensions.incredibar.productid", "26");
Zeile gelöscht : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Zeile gelöscht : user_pref("extensions.incredibar.sg", "none");
Zeile gelöscht : user_pref("extensions.incredibar.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.incredibar.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQXp1nRZk&loc=IB_TB&i=26&search=");
Zeile gelöscht : user_pref("extensions.incredibar.upn2", "6PQXp1nRZk");
Zeile gelöscht : user_pref("extensions.incredibar.upn2n", "92544362759619494");
Zeile gelöscht : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1420:49:24");
Zeile gelöscht : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.did", "10643");
Zeile gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Zeile gelöscht : user_pref("extensions.incredibar_i.id", "ce351a6000000000000000ff01000001");
Zeile gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Zeile gelöscht : user_pref("extensions.incredibar_i.instlDay", "15735");
Zeile gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Zeile gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Zeile gelöscht : user_pref("extensions.incredibar_i.ppd", "1");
Zeile gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Zeile gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Zeile gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Zeile gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQXp1nRZk&loc=IB_TB&i=26&search=");
Zeile gelöscht : user_pref("extensions.incredibar_i.upn2", "6PQXp1nRZk");
Zeile gelöscht : user_pref("extensions.incredibar_i.upn2n", "92544362759619494");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1420:49:24");
Zeile gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&CUI=UN47969287493718105&UM=&q=");
Zeile gelöscht : user_pref("smartBar.searchInNewTabOwner", "CT2625848");
Zeile gelöscht : user_pref("smartbar.machineId", "WFNZUU+NKDO8/0OCJUZJJSZZMQVLRQPSMQI+J3DFVZODJ61QY2A7JHKMTNWH/RDVCHMN5QUUBUGWW0SJGQ1D7A");
*************************
AdwCleaner[R0].txt - [405 octets] - [25/09/2013 19:56:11]
AdwCleaner[R1].txt - [405 octets] - [25/09/2013 20:14:55]
AdwCleaner[R2].txt - [405 octets] - [26/09/2013 04:42:01]
AdwCleaner[R3].txt - [20271 octets] - [26/09/2013 17:11:22]
AdwCleaner[S0].txt - [19397 octets] - [26/09/2013 17:14:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19458 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows (TM) Vista Ultimate x64
Ran by Ronny Peterson on 26.09.2013 at 17:31:29,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-82046455-3787525402-3533716263-1000\Software\IB Updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-82046455-3787525402-3533716263-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322902230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322902230}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366906630}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECA8654-1F0A-4E7E-8900-473F20FADF5E}
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{01BA020D-6A6C-4D8D-A778-7058CDC0A46E}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{0634B257-7981-41BB-A036-7F7BAEB27D22}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{2091D430-BED6-489C-A2D3-34E7F28D8BC0}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{3C2933A6-2905-4369-8F49-0C1E1EAB7F0A}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{45B33E75-7D30-4B4B-AB62-3C8D0F1B0493}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{4AD0BE17-A7B4-485C-92BF-059EB5A4659B}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{582723DC-E05E-4D95-9C23-14986BFA1048}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{6CC5CFEB-F249-41DC-8247-C5D2A1897336}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{918D53F5-1646-4F83-A716-C6B0232D6560}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{93562E82-8AE2-4014-B310-ACE1BF0F4D29}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{AA27372B-D40F-4096-8F2B-53D1CD6D1126}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{AAC6347A-8D51-4E79-8192-DF550456CBB6}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{AD6B9EB5-1C34-44DC-8989-D30C28605CB8}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{AF45CC07-A788-49E4-8424-BE468AB6A48A}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{B1788FB8-469B-4EFD-8583-E251335C27FE}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{B3B085A1-2BDD-4766-BEB6-1A0EFA883C81}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{BB0939F6-1DE1-485F-89E7-6ADDF06DE68D}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{BF268F7A-EC51-40EB-9FAF-7348592CABBD}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{C857A3A4-F1AB-486A-92F8-12D930F70955}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{DE668F7C-4C34-4D0B-91DC-DB9B6574ADCC}
Successfully deleted: [Empty Folder] C:\Users\Ronny Peterson\appdata\local\{ED6EBD84-B8EE-47E2-896F-BD8744180BE3}
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.09.2013 at 17:35:51,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Zitat:
Hab die antwort von dir zu spät gesehen. Kam nach hause, PC an ADWCleaner und dann JRT. |
|
26.09.2013, 16:50
| #9 |
| /// TB-Ausbilder | www_getwindowinfo Servus, Servus, sieht gut aus. Wir spüren die letzten Reste auf, damit wir sie später entfernen können: Schritt 1 Kontrollscan mit FRST Führe wie zuvor beschrieben einen Scan mit FRST aus. Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan. Es werden wieder zwei Logdateien erzeugt. Poste mir diese. Schritt 2 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Gibt es noch Probleme mit Malware? Wenn ja, welche? Wie läuft der Rechner derzeit? Bitte poste mit deiner nächsten Antwort
|
|
26.09.2013, 17:13
| #10 |
| | www_getwindowinfo So, FRST Log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-09-2013 Ran by Ronny Peterson (administrator) on RONNYPETERSO-PC on 26-09-2013 17:57:38 Running from C:\Users\Ronny Peterson\Desktop Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (AMD) C:\Windows\system32\atieclxx.exe (Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe (Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe () C:\Windows\Samsung\PanelMgr\SSMMgr.exe () C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe () C:\Windows\Samsung\PanelMgr\caller64.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Devguru Co., Ltd.) C:\Windows\system32\dgdersvc.exe () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE () C:\Program Files\EslWire\service\WireHelperSvc.exe () C:\Windows\SysWOW64\XSrvSetup.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\ehome\ehsched.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe (Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\conime.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek) HKLM\...\Run: [SaiMfd] - C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek) HKLM\...\Run: [CmPCIaudio] - C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG) HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1814440 2013-09-21] (Valve Corporation) HKCU\...\Run: [KiesPDLR] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD) HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] () HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\SSMMgr.exe [552960 2009-02-27] () HKLM-x32\...\Run: [3170 Scan2PC] - C:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe [503808 2009-01-30] () HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Mcx1\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Mcx1\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKU\Mcx2\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Mcx2\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157 URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {33BFCA99-B28F-4F7A-89A9-D1B64237B8FE} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms} SearchScopes: HKCU - {50B6F626-ADC1-4a7c-867E-3C13E2F55EE5} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH SearchScopes: HKCU - {AC174D10-1FA5-4815-8670-2400D0EFD32B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663 FF Homepage: hxxp://www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @java.com/DTPlugin,version=10.4.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.4.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Ronny Peterson\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Ronny Peterson\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Extension: No Name - C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com FF Extension: pricealarm - C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF Extension: Address Bar Search - C:\Users\Ronny Peterson\AppData\Roaming\Mozilla\Firefox\Profiles\bm5dkbwv.default-1347720239663\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi FF Extension: No Name - C:\Program Files (x86)\Web Check\WebCheck.xpi FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\firefox.exe Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (YouTube) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Web Check) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacechnliklhcacondhhkkfobapdopee\0.1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Plus-HD-3.8) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0 CHR Extension: (Gmail) - C:\Users\RONNYP~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx CHR StartMenuInternet: Google Chrome - C:\Users\Ronny Peterson\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 dgdersvc; C:\Windows\system32\dgdersvc.exe [119632 2010-09-06] (Devguru Co., Ltd.) R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] () R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [678416 2012-12-17] () R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] () R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-05-28] () R2 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.) ==================== Drivers (Whitelisted) ==================== S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [472448 2008-04-29] (AfaTech ) R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) S2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] () S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [30720 2006-11-10] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-27] (Avira Operations GmbH & Co. KG) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc) R3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2007-10-22] (Samsung Electronics) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2007-10-22] (Samsung Electronics) S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2011-08-03] (Turtle Entertainment GmbH) R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>) S3 etdrv; C:\Windows\etdrv.sys [25640 2011-06-26] (Windows (R) Server 2003 DDK provider) S3 etdrv; C:\Windows\etdrv.sys [25640 2011-06-26] (Windows (R) Server 2003 DDK provider) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-26] (Windows (R) Server 2003 DDK provider) R3 gdrv; C:\Windows\gdrv.sys [25640 2013-09-26] (Windows (R) Server 2003 DDK provider) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-01] () S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2011-07-01] () R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-02-18] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 LGBusEnum; system32\drivers\LGBusEnum.sys [x] S3 LGVirHid; system32\drivers\LGVirHid.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-26 17:57 - 2013-09-26 17:57 - 01956432 _____ (Farbar) C:\Users\Ronny Peterson\Desktop\FRST64.exe 2013-09-26 17:35 - 2013-09-26 17:35 - 00004542 _____ C:\Users\Ronny Peterson\Desktop\JRT.txt 2013-09-26 17:31 - 2013-09-26 17:31 - 00019555 _____ C:\Users\Ronny Peterson\Desktop\AdwCleaner[S0].txt 2013-09-26 17:31 - 2013-09-26 17:31 - 00000000 ____D C:\Windows\ERUNT 2013-09-26 05:04 - 2013-09-26 17:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4 2013-09-25 19:55 - 2013-09-25 19:55 - 01030038 _____ (Thisisu) C:\Users\Ronny Peterson\Desktop\JRT.exe 2013-09-25 19:53 - 2013-09-26 17:15 - 00000000 ____D C:\AdwCleaner 2013-09-25 19:53 - 2013-09-25 19:53 - 01042066 _____ C:\Users\Ronny Peterson\Desktop\adwcleaner.exe 2013-09-25 19:49 - 2013-09-25 19:49 - 00023670 _____ C:\ComboFix.txt 2013-09-25 19:37 - 2013-09-25 19:49 - 00000000 ____D C:\Qoobox 2013-09-25 19:37 - 2013-09-25 19:48 - 00000000 ____D C:\Windows\erdnt 2013-09-25 19:37 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2013-09-25 19:37 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2013-09-25 19:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-09-25 19:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-09-25 19:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-09-25 19:37 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2013-09-25 19:37 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2013-09-25 19:37 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2013-09-25 19:35 - 2013-09-25 19:35 - 05130004 ____R (Swearware) C:\Users\Ronny Peterson\Desktop\ComboFix.exe 2013-09-25 17:21 - 2013-09-25 17:23 - 00046245 _____ C:\Users\Ronny Peterson\Desktop\Addition.txt 2013-09-25 17:20 - 2013-09-25 17:20 - 00000000 ____D C:\FRST 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-24 17:51 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-09-23 20:45 - 2013-09-23 20:45 - 00000040 _____ C:\Autoconfig.ini 2013-09-23 20:44 - 2013-06-01 07:13 - 01571160 ____N C:\Windows\TotalUninstaller.exe 2013-09-23 20:44 - 2013-05-10 11:48 - 00162136 _____ C:\Windows\system32\spe__ci.exe 2013-09-23 20:44 - 2012-11-17 10:28 - 00000357 _____ C:\Windows\system32\spe__l.smt 2013-09-23 20:44 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\system32\spe__l.dll 2013-09-23 20:44 - 2010-10-20 10:46 - 00089600 _____ (SS) C:\Windows\system32\spe__ci.dll 2013-09-23 20:43 - 2013-09-23 20:43 - 00000000 ____D C:\Windows\twain_64 2013-09-23 20:43 - 2010-10-06 11:04 - 00142128 _____ C:\Windows\wiainst64.exe 2013-09-23 20:42 - 2010-05-20 14:08 - 00280064 _____ (Samsung Electronics) C:\Windows\system32\snWIAMUI.dll 2013-09-23 20:42 - 2010-04-20 17:20 - 00084592 _____ C:\Windows\system32\WIAEXSTR.loc 2013-09-23 20:42 - 2010-01-19 12:58 - 00160272 _____ (TWAIN Working Group) C:\Windows\system32\TWAINDSM.dll 2013-09-23 20:42 - 2010-01-19 12:57 - 00143896 _____ (TWAIN Working Group) C:\Windows\SysWOW64\TWAINDSM.dll 2013-09-23 20:41 - 2010-10-21 13:46 - 00207872 _____ C:\Windows\system32\SNWIAUI.dll 2013-09-23 20:41 - 2010-10-21 10:22 - 00709632 _____ C:\Windows\system32\SnMinDrv.dll 2013-09-23 20:41 - 2010-10-21 10:22 - 00163840 _____ C:\Windows\system32\SnImgFlt.dll 2013-09-23 20:41 - 2010-10-21 10:22 - 00103424 _____ C:\Windows\system32\SnErHdlr.dll 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\Program Files\Hewlett-Packard 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\cpqsystem 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\2C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C04 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0816 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0804 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0424 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041F 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0419 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0416 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0415 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0414 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0413 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0412 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0411 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0410 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040C 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0409 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0408 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0406 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0405 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0404 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0401 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-09-23 20:26 - 2013-09-23 20:26 - 00000000 ____D C:\Program Files\Covus Freemium 2013-09-23 20:25 - 2013-09-25 19:47 - 00000000 ____D C:\Program Files (x86)\Web Check 2013-09-23 20:17 - 2013-09-23 20:27 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\DriverTurbo 2013-09-23 20:17 - 2013-09-23 20:27 - 00000000 ____D C:\Program Files (x86)\DriverTurbo 2013-09-23 20:17 - 2013-09-23 20:17 - 00345324 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistMSI3DFB.txt 2013-09-23 20:17 - 2013-09-23 20:17 - 00012810 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistUI3DFB.txt 2013-09-19 18:03 - 2013-09-20 04:38 - 98443620 _____ C:\Windows\SysWOW64\煾뻬Ñ 2013-09-17 18:07 - 2013-09-20 19:48 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Guild Wars 2 2013-09-15 14:39 - 2013-09-15 14:39 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\GW2Stuff 2013-09-15 14:37 - 2013-06-04 20:05 - 00000000 ____D C:\Users\Ronny Peterson\Desktop\Source 2013-09-15 14:37 - 2013-06-04 19:40 - 00300544 _____ C:\Users\Ronny Peterson\Desktop\GW2Stuff.exe 2013-09-14 16:43 - 2013-09-14 16:43 - 00276056 _____ C:\Windows\Minidump\Mini091413-01.dmp 2013-09-13 20:15 - 2013-09-13 20:15 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\Overwolf 2013-09-13 17:26 - 2013-09-14 15:00 - 97542592 _____ C:\Windows\SysWOW64\䍏쭢뻬É 2013-09-13 05:20 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 05:20 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 05:20 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 05:20 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 05:20 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 05:20 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-09-13 05:20 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-09-13 05:20 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 05:20 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-09-13 05:20 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 05:20 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-09-13 05:20 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 05:20 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 05:20 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-09-13 05:20 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 05:20 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 05:20 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 05:20 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 05:20 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 05:20 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 05:20 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-09-13 05:20 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 05:20 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-09-13 05:20 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-13 05:20 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 05:20 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-09-13 05:20 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-09-13 05:20 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 05:20 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 05:20 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 05:20 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-09-13 05:20 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 04:47 - 2013-08-08 04:03 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-13 04:47 - 2013-07-16 11:25 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2013-09-13 04:47 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2013-09-04 20:49 - 2013-09-18 20:52 - 00013005 _____ C:\Users\Ronny Peterson\Desktop\Klasse 1b.xlsx 2013-08-28 17:57 - 2013-08-02 16:06 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2013-08-28 17:57 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL ==================== One Month Modified Files and Folders ======= 2013-09-26 17:57 - 2013-09-26 17:57 - 01956432 _____ (Farbar) C:\Users\Ronny Peterson\Desktop\FRST64.exe 2013-09-26 17:35 - 2013-09-26 17:35 - 00004542 _____ C:\Users\Ronny Peterson\Desktop\JRT.txt 2013-09-26 17:33 - 2011-12-18 11:30 - 00001156 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA.job 2013-09-26 17:31 - 2013-09-26 17:31 - 00019555 _____ C:\Users\Ronny Peterson\Desktop\AdwCleaner[S0].txt 2013-09-26 17:31 - 2013-09-26 17:31 - 00000000 ____D C:\Windows\ERUNT 2013-09-26 17:24 - 2008-01-21 03:53 - 01547254 _____ C:\Windows\WindowsUpdate.log 2013-09-26 17:20 - 2012-04-28 09:33 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-26 17:20 - 2011-05-11 17:16 - 00000144 _____ C:\service.log 2013-09-26 17:20 - 2006-11-02 17:06 - 00000000 ___RD C:\Users\Public\Recorded TV 2013-09-26 17:19 - 2011-11-09 18:58 - 00000000 ____D C:\Program Files (x86)\Steam 2013-09-26 17:18 - 2011-05-11 17:31 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2013-09-26 17:18 - 2006-11-02 17:40 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-26 17:18 - 2006-11-02 17:21 - 00004176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-26 17:18 - 2006-11-02 17:21 - 00004176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-26 17:16 - 2006-11-02 17:40 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-09-26 17:15 - 2013-09-25 19:53 - 00000000 ____D C:\AdwCleaner 2013-09-26 17:15 - 2011-05-11 17:11 - 00000000 ___RD C:\Users\Ronny Peterson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-26 17:06 - 2013-09-26 05:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4 2013-09-26 17:00 - 2006-11-02 17:39 - 01568524 _____ C:\Windows\PFRO.log 2013-09-25 19:55 - 2013-09-25 19:55 - 01030038 _____ (Thisisu) C:\Users\Ronny Peterson\Desktop\JRT.exe 2013-09-25 19:53 - 2013-09-25 19:53 - 01042066 _____ C:\Users\Ronny Peterson\Desktop\adwcleaner.exe 2013-09-25 19:49 - 2013-09-25 19:49 - 00023670 _____ C:\ComboFix.txt 2013-09-25 19:49 - 2013-09-25 19:37 - 00000000 ____D C:\Qoobox 2013-09-25 19:49 - 2006-11-02 15:33 - 00000000 __RHD C:\Users\Default 2013-09-25 19:48 - 2013-09-25 19:37 - 00000000 ____D C:\Windows\erdnt 2013-09-25 19:48 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini 2013-09-25 19:47 - 2013-09-23 20:25 - 00000000 ____D C:\Program Files (x86)\Web Check 2013-09-25 19:35 - 2013-09-25 19:35 - 05130004 ____R (Swearware) C:\Users\Ronny Peterson\Desktop\ComboFix.exe 2013-09-25 18:38 - 2012-04-18 16:38 - 00003754 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A34D45CD-1E54-4F67-B2A7-A424BB42D55D} 2013-09-25 17:23 - 2013-09-25 17:21 - 00046245 _____ C:\Users\Ronny Peterson\Desktop\Addition.txt 2013-09-25 17:20 - 2013-09-25 17:20 - 00000000 ____D C:\FRST 2013-09-25 08:33 - 2011-12-18 11:30 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core.job 2013-09-24 19:51 - 2011-10-02 15:08 - 00000000 ____D C:\Program Files (x86)\Visions 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-09-24 17:51 - 2013-09-24 17:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-09-23 20:52 - 2012-06-30 14:10 - 00000668 _____ C:\Windows\Cmicnfg3.ini.imi 2013-09-23 20:45 - 2013-09-23 20:45 - 00000040 _____ C:\Autoconfig.ini 2013-09-23 20:45 - 2011-06-21 20:43 - 00000000 ____D C:\ProgramData\Samsung 2013-09-23 20:45 - 2011-05-11 17:10 - 00000000 ____D C:\Users\Ronny Peterson 2013-09-23 20:44 - 2011-06-21 20:42 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-09-23 20:43 - 2013-09-23 20:43 - 00000000 ____D C:\Windows\twain_64 2013-09-23 20:40 - 2012-06-30 14:11 - 00000460 _____ C:\Windows\Cmicnfg3.ini.cfl 2013-09-23 20:40 - 2012-06-30 14:11 - 00000116 _____ C:\Windows\system\Dlap.pfx 2013-09-23 20:40 - 2008-12-09 15:54 - 00000589 _____ C:\Windows\system\Cmicnfg3.ini 2013-09-23 20:40 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\system 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\Program Files\Hewlett-Packard 2013-09-23 20:37 - 2013-09-23 20:37 - 00000000 ____D C:\cpqsystem 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\2C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C0A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0C04 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0816 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0804 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0424 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041F 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\041B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0419 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0416 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0415 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0414 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0413 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0412 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0411 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0410 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040E 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040D 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040C 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040B 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\040A 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0409 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0408 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0406 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0405 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0404 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Windows\system32\0401 2013-09-23 20:36 - 2013-09-23 20:36 - 00000000 ____D C:\Program Files (x86)\Renesas Electronics 2013-09-23 20:36 - 2011-05-11 17:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-23 20:36 - 2008-01-21 12:42 - 00000000 ____D C:\Windows\system32\0407 2013-09-23 20:28 - 2013-09-23 20:28 - 00000000 ____D C:\ProgramData\FreeDriverScout 2013-09-23 20:27 - 2013-09-23 20:17 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\DriverTurbo 2013-09-23 20:27 - 2013-09-23 20:17 - 00000000 ____D C:\Program Files (x86)\DriverTurbo 2013-09-23 20:26 - 2013-09-23 20:26 - 00000000 ____D C:\Program Files\Covus Freemium 2013-09-23 20:21 - 2011-05-14 18:25 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\UseNeXT 2013-09-23 20:17 - 2013-09-23 20:17 - 00345324 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistMSI3DFB.txt 2013-09-23 20:17 - 2013-09-23 20:17 - 00012810 _____ C:\Users\Ronny Peterson\AppData\Local\dd_vcredistUI3DFB.txt 2013-09-22 21:34 - 2011-05-11 19:31 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\TS3Client 2013-09-21 22:16 - 2011-05-11 18:50 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\HLSW 2013-09-21 21:33 - 2011-05-11 20:16 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr 2013-09-21 21:33 - 2011-05-11 19:11 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2013-09-21 21:33 - 2011-05-11 19:11 - 00281768 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2013-09-21 18:57 - 2011-08-04 10:31 - 00000000 ____D C:\Program Files (x86)\GUILD WARS 2013-09-20 19:48 - 2013-09-17 18:07 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\Guild Wars 2 2013-09-20 19:41 - 2008-01-21 12:47 - 01445460 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-20 19:41 - 2008-01-21 12:46 - 00628668 _____ C:\Windows\system32\perfh007.dat 2013-09-20 19:41 - 2008-01-21 12:46 - 00126474 _____ C:\Windows\system32\perfc007.dat 2013-09-20 18:13 - 2012-09-06 11:14 - 00037066 _____ C:\Users\Ronny Peterson\Desktop\Berufe GW2.xlsx 2013-09-20 04:38 - 2013-09-19 18:03 - 98443620 _____ C:\Windows\SysWOW64\煾뻬Ñ 2013-09-19 19:20 - 2012-04-28 09:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-19 19:20 - 2012-04-28 09:33 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-19 19:20 - 2011-05-14 19:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-18 20:52 - 2013-09-04 20:49 - 00013005 _____ C:\Users\Ronny Peterson\Desktop\Klasse 1b.xlsx 2013-09-15 14:39 - 2013-09-15 14:39 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\GW2Stuff 2013-09-15 11:34 - 2006-11-02 17:26 - 00152981 _____ C:\Windows\setupact.log 2013-09-14 16:43 - 2013-09-14 16:43 - 00276056 _____ C:\Windows\Minidump\Mini091413-01.dmp 2013-09-14 16:43 - 2011-05-18 20:21 - 00000000 ____D C:\Windows\Minidump 2013-09-14 16:43 - 2011-05-18 20:19 - 928170318 _____ C:\Windows\MEMORY.DMP 2013-09-14 15:00 - 2013-09-13 17:26 - 97542592 _____ C:\Windows\SysWOW64\䍏쭢뻬É 2013-09-13 20:15 - 2013-09-13 20:15 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Local\Overwolf 2013-09-13 20:14 - 2011-05-11 19:23 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-09-13 17:24 - 2006-11-02 17:21 - 00306800 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 05:23 - 2013-07-28 07:26 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 05:22 - 2012-07-31 17:27 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-13 05:22 - 2006-11-02 14:35 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-09-12 17:22 - 2012-06-21 18:18 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2 2013-09-11 20:28 - 2013-04-27 20:17 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-09-11 19:59 - 2012-01-21 09:53 - 00000000 ____D C:\Program Files (x86)\MyFree Codec 2013-09-11 19:58 - 2013-02-02 17:00 - 00000000 ____D C:\Program Files (x86)\RocketDock 2013-09-11 19:51 - 2013-08-23 04:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-11 19:51 - 2013-07-05 21:21 - 00000000 ____D C:\ProgramData\Apple Computer 2013-09-11 19:45 - 2011-07-16 20:16 - 00000000 ____D C:\Users\Ronny Peterson\AppData\Roaming\DVDVideoSoft 2013-09-11 19:43 - 2013-07-05 21:18 - 00000000 ____D C:\ProgramData\Apple 2013-09-05 17:01 - 2013-03-27 18:25 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-09-05 17:01 - 2013-03-27 18:25 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys Some content of TEMP: ==================== C:\Users\Ronny Peterson\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-26 17:28 ==================== End Of Log ============================ Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2013
Ran by Ronny Peterson at 2013-09-26 17:58:09
Running from C:\Users\Ronny Peterson\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
@BIOS (x32 Version: 2.08)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
ATI AVIVO64 Codecs (Version: 11.6.0.50930)
ATI Problem Report Wizard (Version: 3.0.795.0)
ATITool Overclocking Utility (x32 Version: 0.26)
Aureon 5.1 PCI
AutoGreen B10.0517.1 (x32 Version: 1.00.0000)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
BioShock Infinite (x32)
Browser Configuration Utility (x32 Version: 1.1.18.0)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7)
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Diablo III (x32 Version: 1.0.8.16603)
DVB-T USB BDA Driver (x32)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000)
EasySaver B9.1214.1 (x32 Version: 1.00.0000)
erLT (x32 Version: 1.20.0137)
ESL Wire 1.15.3
Forsaken World (x32)
Gigabyte Raid Configurer (x32 Version: 1.00.0001)
Google Chrome (HKCU Version: 29.0.1547.76)
GUILD WARS (x32)
Guild Wars 2 (x32)
GuildWars Visions v1.08 (x32)
HLSW v1.4.0.2 (x32)
HydraVision (x32 Version: 4.2.180.0)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 25 (64-bit) (Version: 6.0.250)
Java(TM) 7 Update 4 (64-bit) (Version: 7.0.40)
League of Legends (x32 Version: 1.3)
Logitech SetPoint 5.20 (Version: 5.20)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
maxdome - Online Videothek (Version: 1.0)
maxdome Download Manager 4.1.300.78 (x32 Version: 4.1.30078)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Silverlight (x32 Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 7 Premium (x32 Version: 7.02.9755)
neroxml (x32 Version: 1.0.0)
ON_OFF Charge B10.0427.1 (x32 Version: 1.00.0001)
OutlookAddInNet3Setup (x32 Version: 1.0.0)
PDFCreator (x32 Version: 1.0.1)
Realtek Ethernet Controller Driver For Windows Vista (x32 Version: 6.236.322.2010)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6083)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.36.0)
Saitek Cyborg Keyboard Volume 6.2.1.3 (Version: 6.2.1.3)
Samsung CLX-3170 Series (x32)
Samsung Kies (x32 Version: 2.1.1.11124_17)
Samsung Universal Print Driver 2 (x32 Version: 2.50.03.00)
Samsung Universal Scan Driver (x32 Version: 1.2.5.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0)
Segoe UI (x32 Version: 15.4.2271.0615)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Smart Technology Programming Software 7.0.27.13 (Version: 7.0.27.13)
SmarThru 4 (x32)
SmarThru PC Fax (x32)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.12)
TeamViewer 8 (x32 Version: 8.0.17396)
Tomb Raider (x32)
Ultimate Extras sounds from Microsoft® Tinker™
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (x32 Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
UseNeXT by Tangysoft (x32)
User's Guides (Version: 1.20.0000)
VLC media player 2.0.5 (x32 Version: 2.0.5)
Web Check (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Utils (x32)
Windows-Soundschemas
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
==================== Restore Points =========================
06-09-2013 16:49:51 Windows Update
10-09-2013 16:06:29 Windows Update
11-09-2013 17:36:56 Removed Apple Application Support
11-09-2013 17:39:06 Removed Apple Mobile Device Support
11-09-2013 17:40:56 Removed Apple Software Update
11-09-2013 17:42:22 Removed Bonjour
11-09-2013 17:48:08 Removed iTunes
11-09-2013 17:56:01 Removed pdfforge Toolbar v7.6.
11-09-2013 17:59:33 Entfernt InstallShield Wiederherstellungspunkt
13-09-2013 03:13:53 Windows Update
14-09-2013 01:00:28 Windows Update
17-09-2013 15:00:58 Windows Update
23-09-2013 18:24:28 Free Driver Scout
23-09-2013 18:33:10 DriverUtilities
23-09-2013 18:35:42 Installiert Renesas Electronics USB 3.0 Host Controller Driver
23-09-2013 18:36:46 Gerätetreiber-Paketinstallation: Hewlett-Packard Company Systemgeräte
23-09-2013 18:38:19 Installiert Renesas Electronics USB 3.0 Host Controller Driver
23-09-2013 18:39:50 Gerätetreiber-Paketinstallation: Realtek Netzwerkadapter
23-09-2013 18:40:20 Gerätetreiber-Paketinstallation: C-Media Electronics Inc. Audio-, Video- und Gamecontroller
23-09-2013 18:42:25 Gerätetreiber-Paketinstallation: Samsung Bildverarbeitungsgeräte
23-09-2013 18:44:55 Gerätetreiber-Paketinstallation: Samsung Drucker
24-09-2013 15:41:03 Free Driver Scout
24-09-2013 15:43:09 Free Driver Scout
24-09-2013 20:38:11 Windows Update
25-09-2013 10:58:36 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 14:34 - 2013-09-25 19:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {055A0F92-C9FA-445F-B6F2-E7BC676707A6} - \FreeDriverScout No Task File
Task: {1BDB16F8-BA59-4E5B-8B0D-DEF87FAD2636} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {1C195172-244A-484D-9A7A-7F64B25E2092} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19] (Adobe Systems Incorporated)
Task: {22FB39C3-BC66-4CEF-84EA-2EC0C580D999} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {2895AB63-E83E-4E3C-8736-518487C807D3} - System32\Tasks\User_Feed_Synchronization-{A34D45CD-1E54-4F67-B2A7-A424BB42D55D} => C:\Windows\system32\msfeedssync.exe [2012-04-18] (Microsoft Corporation)
Task: {5A07C22F-469C-443B-8375-0736C3C9557D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-18] (Google Inc.)
Task: {7168F3E5-8F53-4066-8C8C-96A3A2837C66} - \Software Updater No Task File
Task: {893AA01D-582D-44E9-A7A0-D1F978562DE2} - \Software Updater Ui No Task File
Task: {8B8827FF-32FB-4155-A82A-006970C5E8BF} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {DDE8ACE0-CDA6-4ED5-B177-C6880B60600B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000Core.job => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-82046455-3787525402-3533716263-1000UA.job => C:\Users\Ronny Peterson\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-09-30 22:26 - 2010-09-30 22:26 - 00233472 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
2010-09-29 03:13 - 2012-12-19 21:30 - 00045056 _____ () C:\Windows\system32\atitmp64.dll
2013-04-16 18:18 - 2013-04-16 18:18 - 00099840 _____ (Saitek) C:\Program Files\SmartTechnology\Software\ManuExtensionDLLs\AppLaunchEventDll.dll
2008-01-21 04:50 - 2008-01-21 04:50 - 00382464 _____ (Microsoft Corporation) C:\Windows\eHome\ehProxy.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00037376 _____ (AMD) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.ImplementationNet4.dll
2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-08-14 18:14 - 2013-07-09 14:04 - 01168088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2012-12-12 05:26 - 2012-09-28 18:13 - 00860160 _____ (Microsoft Corporation) C:\Windows\syswow64\kernel32.dll
2011-05-15 12:41 - 2009-04-11 08:26 - 00648704 _____ (Microsoft Corporation) C:\Windows\syswow64\USER32.dll
2011-05-15 12:41 - 2009-04-11 08:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\syswow64\GDI32.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\syswow64\ADVAPI32.dll
2013-08-14 18:14 - 2013-07-10 11:47 - 00677888 _____ (Microsoft Corporation) C:\Windows\syswow64\RPCRT4.dll
2012-07-11 22:41 - 2012-06-02 02:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\syswow64\Secur32.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\syswow64\MSCTF.dll
2012-04-17 08:37 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\syswow64\msvcrt.dll
2011-05-12 04:52 - 2009-04-11 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\syswow64\LPK.DLL
2011-05-12 04:52 - 2010-04-16 18:46 - 00502272 _____ (Microsoft Corporation) C:\Windows\syswow64\USP10.dll
2012-07-11 22:41 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\syswow64\SHELL32.dll
2013-01-10 05:10 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\syswow64\SHLWAPI.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00179200 _____ (Microsoft Corporation) C:\Windows\syswow64\WS2_32.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00008192 _____ (Microsoft Corporation) C:\Windows\syswow64\NSI.dll
2006-11-02 14:13 - 2006-11-02 11:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\syswow64\PSAPI.DLL
2011-05-12 04:57 - 2010-06-28 19:00 - 01316864 _____ (Microsoft Corporation) C:\Windows\syswow64\ole32.dll
2012-04-17 08:35 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\syswow64\OLEAUT32.dll
2013-03-22 09:52 - 2013-03-22 09:45 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-07-11 22:41 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2008-01-21 04:48 - 2008-01-21 04:48 - 00523776 _____ (Microsoft Corporation) C:\Windows\syswow64\CLBCatQ.DLL
2007-07-02 15:02 - 2007-07-02 15:02 - 03073320 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\AdvrCntr2.dll
2013-09-13 05:20 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\syswow64\WININET.dll
2006-11-02 14:17 - 2006-11-02 10:33 - 00002560 _____ (Microsoft Corporation) C:\Windows\syswow64\Normaliz.dll
2013-09-13 05:20 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\syswow64\iertutil.dll
2013-09-13 05:20 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\syswow64\urlmon.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\syswow64\comdlg32.dll
2010-09-30 22:26 - 2010-09-30 22:26 - 00208896 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00059176 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingServicePS.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00020776 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvrPS.dll
2007-06-27 19:03 - 2007-06-27 19:03 - 02749736 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMDataServices.dll
2006-11-02 14:13 - 2006-11-02 11:46 - 00012288 _____ (Microsoft Corporation) C:\Windows\syswow64\psapi.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\syswow64\WLDAP32.dll
2013-03-12 18:10 - 2013-08-22 00:18 - 00687104 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\syswow64\COMDLG32.dll
2011-05-15 12:41 - 2009-04-11 08:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\syswow64\SETUPAPI.dll
2011-11-09 19:04 - 2013-09-21 20:35 - 01121192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.dll
2011-11-09 19:04 - 2013-09-11 00:20 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-16 11:52 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-16 11:52 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-16 11:52 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2012-04-17 08:34 - 2012-02-29 17:09 - 00157696 _____ (Microsoft Corporation) C:\Windows\syswow64\imagehlp.dll
2008-01-21 04:50 - 2008-01-21 04:50 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWow64\ACTXPRXY.DLL
2008-01-21 04:46 - 2008-01-21 04:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00167312 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentDialogs.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00053128 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModels.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00120712 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\GlobalUtil.dll
2011-12-23 21:59 - 2013-07-23 02:45 - 01048976 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 01618312 _____ (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\AgentModule.dll
2013-01-29 19:31 - 2013-07-23 02:45 - 00106496 _____ (TODO: <Company name>) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\BaseUI.dll
2013-01-29 19:32 - 2013-07-23 02:45 - 03341208 _____ (Codejock Software) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\ToolkitPro1331vc90U.dll
2012-12-12 05:26 - 2012-09-28 18:13 - 00860160 _____ (Microsoft Corporation) C:\Windows\syswow64\KERNEL32.dll
2011-12-23 21:59 - 2011-12-23 21:59 - 00307200 _____ ( MarkAny.) C:\Program Files (x86)\Samsung\Kies\External\MACSSDK.dll
2010-09-30 22:26 - 2010-09-30 22:26 - 00094208 _____ (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDeu.dll
2011-07-13 20:58 - 2008-06-26 04:45 - 00155648 _____ () C:\Windows\twain_32\Samsung\CLX3170\IMFilter.dll
2011-07-13 20:58 - 2008-06-26 04:46 - 01384520 _____ () C:\Windows\twain_32\Samsung\CLX3170\ssole.dll
2011-07-13 20:58 - 2008-06-26 04:46 - 00081920 _____ (Samsung Electronics) C:\Windows\twain_32\Samsung\CLX3170\scantopc.dll
2011-07-13 20:58 - 2008-06-26 04:45 - 00367104 _____ () C:\Windows\twain_32\Samsung\CLX3170\NetModule.dll
2011-12-28 00:19 - 2013-07-26 14:41 - 00250368 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2011-09-16 14:39 - 2011-09-16 14:39 - 00098664 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2013-03-22 09:52 - 2013-03-22 09:45 - 00257536 _____ (The cURL library, hxxp://curl.haxx.se/) C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll
2011-05-11 17:16 - 2009-03-13 11:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2011-05-15 12:40 - 2009-04-11 08:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2008-01-21 04:50 - 2008-01-21 04:50 - 00234496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UxTheme.dll
2012-04-17 08:35 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINMM.dll
2012-04-17 08:35 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OLEACC.dll
2012-08-15 17:11 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NETAPI32.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSACM32.dll
2011-05-15 12:39 - 2009-04-11 08:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VERSION.dll
2006-11-02 14:21 - 2006-11-02 11:46 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sfc.dll
2008-01-21 04:48 - 2008-01-21 04:48 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sfc_os.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\USERENV.dll
2008-01-21 04:47 - 2008-01-21 04:47 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPR.dll
2008-01-21 04:49 - 2008-01-21 04:49 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSTA.dll
2011-05-15 12:40 - 2009-04-11 08:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NTMARTA.DLL
2011-05-15 12:40 - 2009-04-11 08:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SAMLIB.dll
2008-01-21 04:47 - 2008-01-21 04:47 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSOCK32.dll
2013-08-14 18:14 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINTRUST.dll
2013-08-14 18:14 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CRYPT32.dll
2011-05-12 04:53 - 2009-09-04 13:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSASN1.dll
2009-05-01 18:58 - 2009-05-01 18:58 - 00132328 _____ (Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\OSUtility.dll
2009-05-01 18:58 - 2009-05-01 18:58 - 01057512 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoFoundation.dll
2009-05-01 18:58 - 2009-05-01 18:58 - 00627944 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoNet.dll
2009-05-01 18:57 - 2009-05-01 18:57 - 00903912 _____ (Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\DCS.dll
2009-05-01 18:58 - 2009-05-01 18:58 - 00514352 _____ () C:\Program Files (x86)\maxdome\DCBin\sqlite3.dll
2009-05-01 18:57 - 2009-05-01 18:57 - 00108776 _____ (Entriq, Inc.) C:\Program Files (x86)\maxdome\DCBin\LicenseHandler.dll
2009-05-01 18:58 - 2009-05-01 18:58 - 00517352 _____ () C:\Program Files (x86)\maxdome\DCBin\PocoXML.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00070952 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMLogCxx.dll
2007-06-27 19:02 - 2007-06-27 19:02 - 00742696 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\log4cxx.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00320808 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMSQLDB.dll
2007-06-27 19:03 - 2007-06-27 19:03 - 00541992 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMCoFoundation.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00107816 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMPluginBase.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00181544 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMFullTextExtraction.dll
2007-06-27 19:04 - 2007-06-27 19:04 - 00181544 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMSearchPluginSimilarImages.dll
2007-06-28 19:16 - 2007-06-28 19:16 - 03376424 _____ (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NeroIPP.dll
2011-05-15 12:40 - 2009-04-11 08:26 - 00116224 _____ (Microsoft Corporation) C:\Windows\syswow64\IMM32.dll
2013-09-26 05:04 - 2013-09-26 05:04 - 03367832 _____ () C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\[verify-U] => ""="Service"
==================== Faulty Device Manager Devices =============
Name: ATITool Driver
Description: ATITool Driver
Class Guid: {85b5ddd0-e090-4b15-bdf2-a443a3ca0b66}
Manufacturer: W1zzard
Service: ATITool
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-09-26 17:18:08.478
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:18:08.308
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:17:47.840
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:17:47.669
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:01:01.028
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:01:00.875
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:00:36.792
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-26 17:00:36.605
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\ATITool64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-25 19:47:46.576
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-25 19:47:46.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 24%
Total physical RAM: 12284.63 MB
Available physical RAM: 9325.29 MB
Total Pagefile: 24501.78 MB
Available Pagefile: 21507.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.25 GB) (Free:32.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:458.59 GB) (Free:416.52 GB) NTFS
Drive f: (Privat) (Fixed) (Total:698.64 GB) (Free:267.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 36127A51)
Partition 1: (Not Active) - (Size=9 GB) - (Type=27)
Partition 2: (Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=459 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 699 GB) (Disk ID: D417CB4D)
Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
WARNUNG an die MITLESER: 
Linear-Darstellung
