Log analysis and evaluation: Windows Vista: Police virus/Trojan

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and Trojans can be removed, the infected system must first be examined: first steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows Vista: Police virus/Trojan

Hello! Yesterday I caught the police virus (Austrian version). My first step was to regain access to my laptop using the Kaspersky Rescue Disk and the WindowsUnlocker. Then I ran AdwCleaner over it and afterwards also ran the relevant scans as recommended here in the forum. Gmer still seems to find something. Further suspicious files already isolated:

- lf8mqr8z0.reg 1 kB
- lf8mqr8z0.pss 61 kB
- lf8mqr8z0.fvv 0 kB
- lf8mqr8z0.bxx 92,799 kB
- 0z8rqm8fl.dss 136 kB

Please help! Many thanks in advance; attached are the individual log files:
```
# AdwCleaner v3.010 - Bericht erstellt am 29/10/2013 um 10:58:03
# Updated 20/10/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzername : admin - *****-MOBIL2
# Gestartet von : F:\rescue\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\Uniblue\DriverScanner
[!] Ordner Gelöscht : C:\Users\admin\AppData\Local\OpenCandy
[!] Ordner Gelöscht : C:\Users\admin\AppData\Roaming\OpenCandy
Datei Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\aqf28n1b.default\.autoreg

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16457


-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\f5yp4lv7.default\prefs.js ]


[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\aqf28n1b.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3305 octets] - [29/10/2013 10:52:04]
AdwCleaner[S0].txt - [2691 octets] - [29/10/2013 10:58:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2751 octets] ##########
```
```
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:13 on 29/10/2013 (admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
```
```
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-10-2013
Ran by admin (administrator) on ******-MOBIL2 on 29-10-2013 11:18:39
Running from F:\rescue
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Hewlett-Packard Corporation) C:\Windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\Windows\system32\vfsFPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 9\MacDrive9Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files (x86)\SMINST\BLService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Windows\system32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 9\MacDrive.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
() C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DPAgent.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [441344 2008-08-05] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1561384 2008-07-17] (Synaptics, Inc.)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688 2008-09-23] (Hewlett-Packard)
HKLM\...\Run: [MacDrive 9 application] - C:\Program Files\Mediafour\MacDrive 9\MacDrive.exe [509952 2013-02-19] (Mediafour Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [] - [x]
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1814440 2013-09-21] (Valve Corporation)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1084840 2012-05-16] (Nokia)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKCU\...\Run: [HP Deskjet 3070 B611 series (NET)] - C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKCU\...\Winlogon: [Shell] Explorer.exe <==== ATTENTION
MountPoints2: {8981533e-25d8-11e3-b492-00247e40ce9b} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-07-11] (Nullsoft, Inc.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] - C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [TVAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2008-09-24] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-09-25] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2009-05-26] (Apple Inc.)
HKLM-x32\...\Run: [QlbCtrl.exe] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [hpWirelessAssistant] - C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [DVDAgent] - C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-09-26] (CyberLink Corp.)
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe [814144 2008-07-14] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-09-25] (CyberLink)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2009-03-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [40376 2011-09-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640440 2010-09-22] (Adobe Systems Inc.)
HKU\Buchhaltung\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\Gast\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.orf.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=91&bd=Pavilion&pf=cnnb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6796FEE5-2792-4E17-A635-8255B021D84A} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
SearchScopes: HKLM - {6796FEE5-2792-4E17-A635-8255B021D84A} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
SearchScopes: HKLM - {84F73379-8BFA-44E6-82B4-603FEA480A2F} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {A2ED3E4A-3283-4805-BBFA-D4115EDBA85F} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 - {6796FEE5-2792-4E17-A635-8255B021D84A} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
SearchScopes: HKLM-x32 - {84F73379-8BFA-44E6-82B4-603FEA480A2F} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 - {A2ED3E4A-3283-4805-BBFA-D4115EDBA85F} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - {4B985E42-B6D8-48B8-8A20-7F2988C99231} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {6796FEE5-2792-4E17-A635-8255B021D84A} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcnnbie7-de-at
SearchScopes: HKCU - {84F73379-8BFA-44E6-82B4-603FEA480A2F} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - {A2ED3E4A-3283-4805-BBFA-D4115EDBA85F} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
BHO-x32: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.9.0.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\f5yp4lv7.default
FF Homepage: hxxp://www.orf.at/
FF NetworkProxy: "type", 0
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\f5yp4lv7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: defaults - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\f5yp4lv7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFF
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext

==================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\AESTSr64.exe [89088 2008-06-26] (Andrea Electronics Corporation)
R2 MacDrive9Service; C:\Program Files\Mediafour\MacDrive 9\MacDrive9Service.exe [180736 2013-02-19] (Mediafour Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_86727c20\STacSV64.exe [251904 2008-08-05] (IDT, Inc.)
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [6245744 2010-03-08] (Wacom Technology, Corp.)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-09-24] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-09-24] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [719152 2008-09-16] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWow64\vfsFPService.exe [599344 2008-09-16] (Validity Sensors, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-21] (Microsoft Corporation)
S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2009-09-27] ()
S1 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [25244 2009-10-05] (Adaptec)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-09-27] ()
R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306560 2008-06-10] (AVerMedia TECHNOLOGIES, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R1 CBDisk; C:\Windows\system32\drivers\CBDisk.sys [70344 2011-05-06] (EldoS Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-01] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-01] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20131024.001\IDSvia64.sys [521816 2013-10-24] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-09-27] ()
R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [323208 2013-01-24] (Mediafour Corporation)
R0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [41680 2012-11-28] (Mediafour Corporation)
R0 MDRAID; C:\Windows\System32\DRIVERS\MDRAID.sys [187120 2012-11-28] (Mediafour Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20131024.007\ENG64.SYS [126040 2013-10-24] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20131024.007\EX64.SYS [2099288 2013-10-24] (Symantec Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 SxSmemcd; C:\Windows\System32\DRIVERS\SxSmemcd.sys [57856 2007-07-25] (Sony Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-08] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMTDIV.SYS [457304 2013-04-25] (Symantec Corporation)
R3 vfs101a; C:\Windows\System32\drivers\vfs101a.sys [49968 2008-09-16] (Validity Sensors, Inc.)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-26] (Cyberlink Corp.)
U4 eabfiltr;
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SYMDNS; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SYMDNS.SYS [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NISx64\1008030.006\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NISx64\1008030.006\SYMNDISV.SYS [x]
S3 SYMREDRV; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SYMREDRV.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-29 11:13 - 2013-10-29 11:13 - 00000000 _____ C:\Users\admin\defogger_reenable
2013-10-29 11:10 - 2013-10-29 11:14 - 00000000 ____D C:\Users\admin\Documents\Anti_vir_scan2910
2013-10-29 11:09 - 2013-10-29 11:09 - 00000000 ____D C:\FRST
2013-10-29 10:51 - 2013-10-29 11:07 - 00000000 ____D C:\AdwCleaner
2013-10-29 02:26 - 2013-10-29 03:27 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-10-29 00:07 - 2013-10-29 00:29 - 00000291 _____ C:\ProgramData\lf8mqr8z0.reg
2013-10-29 00:06 - 2013-10-29 00:29 - 95025368 ____T C:\ProgramData\lf8mqr8z0.bxx
2013-10-29 00:06 - 2013-10-29 00:29 - 00000000 _____ C:\ProgramData\lf8mqr8z0.fvv
2013-10-29 00:06 - 2013-10-29 00:06 - 00139264 _____ (Sekizenkan Company) C:\ProgramData\0z8rqm8fl.dss
2013-10-29 00:06 - 2013-10-29 00:06 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\lf8mqr8z0.pss
2013-10-22 21:06 - 2013-10-22 21:07 - 00000000 ____D C:\Users\admin\Documents\tramticket
2013-10-14 00:23 - 2013-10-14 00:23 - 00042137 _____ C:\Users\admin\Downloads\flm303-class01.mp4.G62FG56TD1XI.torrent

==================== One Month Modified Files and Folders =======

2013-10-29 11:14 - 2013-10-29 11:10 - 00000000 ____D C:\Users\admin\Documents\Anti_vir_scan2910
2013-10-29 11:13 - 2013-10-29 11:13 - 00000000 _____ C:\Users\admin\defogger_reenable
2013-10-29 11:13 - 2009-06-09 17:42 - 00000000 ____D C:\Users\admin
2013-10-29 11:09 - 2013-10-29 11:09 - 00000000 ____D C:\FRST
2013-10-29 11:08 - 2012-01-26 18:17 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-29 11:07 - 2013-10-29 10:51 - 00000000 ____D C:\AdwCleaner
2013-10-29 11:07 - 2012-12-20 00:11 - 00000000 ____D C:\Users\admin\AppData\Roaming\Dropbox
2013-10-29 11:07 - 2009-03-19 03:33 - 01145854 _____ C:\Windows\WindowsUpdate.log
2013-10-29 11:06 - 2010-09-11 10:38 - 00000000 ____D C:\Users\admin\AppData\Roaming\WTablet
2013-10-29 11:00 - 2011-10-20 11:13 - 00000000 ____D C:\ProgramData\Uniblue
2013-10-29 11:00 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 11:00 - 2006-11-02 16:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 11:00 - 2006-11-02 16:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 10:58 - 2009-03-19 03:33 - 00003204 _____ C:\Windows\bthservsdp.dat
2013-10-29 10:58 - 2006-11-02 16:42 - 00032562 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-29 10:54 - 2008-10-27 09:30 - 00673502 _____ C:\Windows\system32\perfh007.dat
2013-10-29 10:54 - 2008-10-27 09:30 - 00145482 _____ C:\Windows\system32\perfc007.dat
2013-10-29 10:54 - 2006-11-02 13:46 - 01565124 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-29 10:47 - 2012-11-07 15:17 - 00007916 _____ C:\Users\admin\AppData\Local\d3d9caps.dat
2013-10-29 03:27 - 2013-10-29 02:26 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-10-29 01:14 - 2006-11-02 16:21 - 05028400 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-29 00:42 - 2012-08-31 16:42 - 00000000 ____D C:\Windows\pss
2013-10-29 00:42 - 2009-06-09 17:47 - 00000000 ___RD C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-29 00:29 - 2013-10-29 00:07 - 00000291 _____ C:\ProgramData\lf8mqr8z0.reg
2013-10-29 00:29 - 2013-10-29 00:06 - 95025368 ____T C:\ProgramData\lf8mqr8z0.bxx
2013-10-29 00:29 - 2013-10-29 00:06 - 00000000 _____ C:\ProgramData\lf8mqr8z0.fvv
2013-10-29 00:09 - 2013-09-02 11:56 - 00010180 _____ C:\Windows\PFRO.log
2013-10-29 00:06 - 2013-10-29 00:06 - 00139264 _____ (Sekizenkan Company) C:\ProgramData\0z8rqm8fl.dss
2013-10-29 00:06 - 2013-10-29 00:06 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\lf8mqr8z0.pss
2013-10-28 23:53 - 2009-06-14 16:38 - 00000000 ____D C:\Users\admin\AppData\Roaming\Skype
2013-10-28 23:52 - 2012-11-11 02:11 - 00000000 ____D C:\Users\admin\AppData\Local\Firestorm
2013-10-28 19:49 - 2012-02-03 14:37 - 00002413 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-28 12:58 - 2011-10-20 11:12 - 00000000 ____D C:\Users\admin\AppData\Roaming\Winamp
2013-10-28 12:43 - 2009-06-15 11:54 - 00000000 ____D C:\Projects
2013-10-27 17:49 - 2013-03-22 18:24 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-24 11:52 - 2012-12-20 00:17 - 00000000 ___RD C:\Users\admin\Dropbox
2013-10-24 11:39 - 2012-10-22 14:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-22 21:07 - 2013-10-22 21:06 - 00000000 ____D C:\Users\admin\Documents\tramticket
2013-10-22 21:05 - 2013-09-27 16:06 - 00001430 _____ C:\Windows\setupact.log
2013-10-22 00:04 - 2011-02-15 12:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-21 10:26 - 2012-05-09 15:18 - 00000000 ____D C:\Users\admin\Documents\screeno_Buchhaltung
2013-10-21 09:58 - 2012-07-18 10:39 - 00000000 ____D C:\Users\Public\HBPData
2013-10-21 09:58 - 2012-07-18 10:39 - 00000000 ____D C:\Program Files (x86)\HBP
2013-10-20 19:59 - 2012-08-13 05:22 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForadmin
2013-10-20 19:59 - 2012-08-13 05:22 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForadmin.job
2013-10-17 01:08 - 2011-04-26 14:33 - 00000000 ____D C:\Users\admin\AppData\Roaming\uTorrent
2013-10-14 00:23 - 2013-10-14 00:23 - 00042137 _____ C:\Users\admin\Downloads\flm303-class01.mp4.G62FG56TD1XI.torrent

Files to move or delete:
====================
```
C:\Users\admin\AppData\Roaming\skype.ini C:\ProgramData\0z8rqm8fl.dss C:\ProgramData\lf8mqr8z0.reg Some content of TEMP: ==================== C:\Users\admin\AppData\Local\Temp\NOSEventMessages.dll C:\Users\admin\AppData\Local\Temp\Quarantine.exe C:\Users\admin\AppData\Local\Temp\~tmf1117433543836776269.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-29 11:12 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-10-2013 Ran by admin at 2013-10-29 11:19:11 Running from F:\rescue Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} ==================== Installed Programs ====================== µTorrent (x32 Version: 2.2.1) 3100_3200_3300_Help (x32 Version: 82.0.242.000) 3100_3200_3300trb (x32 Version: 82.0.242.000) 3200 (x32 Version: 82.0.242.000) 64 Bit HP CIO Components Installer (Version: 1.0.0) 7-Zip 9.20 (x32) ACID Pro 7.0 (x32 Version: 7.0.653) Acrobat.com (x32 Version: 0.0.0) Acrobat.com (x32 Version: 1.2.443) Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0) Activation Assistant for the 2007 Microsoft Office suites (x32) Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.4.6) Adobe Acrobat 9.4.6 - CPSID_83708 (x32) Adobe After Effects CS4 (x32 Version: 9) Adobe After Effects CS4 Presets (x32 Version: 9) Adobe After Effects CS4 Template Projects & Footage (x32 Version: 9) Adobe After Effects CS4 Third Party Content (x32 Version: 9) Adobe AIR (x32 Version: 3.4.0.2710) Adobe Anchor Service CS4 (x32 Version: 2.0) Adobe Anchor Service x64 CS4 (Version: 2.0) Adobe Bridge CS4 (x32 Version: 3) Adobe CMaps CS4 (x32 Version: 2.0) Adobe CMaps x64 CS4 (Version: 2.0) Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0) Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0) Adobe Color JA Extra Settings CS4 (x32 Version: 2.0) Adobe Color NA Extra Settings CS4 (x32 Version: 2.0) Adobe Color Video Profiles AE CS4 (x32 Version: 2.0) 
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0) Adobe Community Help (x32 Version: 3.5.23) Adobe ConnectNow Add-in (HKCU) Adobe Contribute CS4 (x32 Version: 5.0) Adobe Creative Suite 4 Master Collection (x32 Version: 4.0) Adobe Creative Suite 5 Master Collection (x32 Version: 5.0) Adobe CS4 American English Speech Analysis Models (x32 Version: 1) Adobe CS4 French Speech Analysis Models (x32 Version: 1) Adobe CS4 German Speech Analysis Models (x32 Version: 1) Adobe CS4 International English Speech Analysis Models (x32 Version: 1) Adobe CS4 Italian Speech Analysis Models (x32 Version: 1) Adobe CS4 Japanese Speech Analysis Models (x32 Version: 1) Adobe CS4 Korean Speech Analysis Models (x32 Version: 1) Adobe CS4 Spanish Speech Analysis Models (x32 Version: 1) Adobe CSI CS4 (x32 Version: 1) Adobe CSI CS4 x64 (Version: 1) Adobe Default Language CS4 (x32 Version: 2.0) Adobe Device Central CS4 (x32 Version: 2) Adobe Dreamweaver CS4 (x32 Version: 10.0) Adobe Drive CS4 x64 (Version: 1) Adobe Dynamiclink Support (x32 Version: 1) Adobe Encore CS4 (x32 Version: 4) Adobe Encore CS4 Codecs (x32 Version: 4) Adobe Encore CS4 Library (x32 Version: 4) Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0) Adobe Extension Manager CS4 (x32 Version: 2.0) Adobe Flash CS4 (x32 Version: 10.0) Adobe Flash CS4 Extension - Flash Lite STI en (x32 Version: 3.0) Adobe Flash CS4 STI-en (x32 Version: 10.0) Adobe Flash Player 10 Plugin (x32 Version: 10.0.2.54) Adobe Flash Player 11 ActiveX (x32 Version: 11.6.602.171) Adobe Fonts All (x32 Version: 2.0) Adobe Fonts All x64 (Version: 2.0) Adobe Illustrator CS4 (x32 Version: 14.0) Adobe Linguistics CS4 (x32 Version: 4.0.0) Adobe Linguistics CS4 x64 (Version: 4.0.0) Adobe Media Encoder CS4 (x32 Version: 1.0) Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0) Adobe Media Encoder CS4 Dolby (x32 Version: 1.0) Adobe Media Encoder CS4 Exporter (x32 Version: 1.0) Adobe Media Encoder CS4 Importer (x32 Version: 1.0) Adobe Media Player (x32 
Version: 1.8) Adobe MotionPicture Color Files CS4 (x32 Version: 2.0) Adobe OnLocation CS4 (x32 Version: 4) Adobe Output Module (x32 Version: 2.0) Adobe PDF Library Files CS4 (x32 Version: 9.0) Adobe PDF Library Files x64 CS4 (Version: 9.0) Adobe Photoshop CS4 (64 Bit) (Version: 11.0) Adobe Photoshop CS4 (x32 Version: 11.0) Adobe Photoshop CS4 Support (x32 Version: 11.0) Adobe Premiere Pro CS4 (x32 Version: 4) Adobe Premiere Pro CS4 Functional Content (x32 Version: 4) Adobe Premiere Pro CS4 Third Party Content (x32 Version: 4) Adobe Reader 9.1 - Deutsch (x32 Version: 9.1.0) Adobe Search for Help (x32 Version: 1.0) Adobe Service Manager Extension (x32 Version: 1.0) Adobe Setup (x32 Version: 2.0) Adobe Soundbooth CS4 (x32 Version: 2) Adobe Soundbooth CS4 Codecs (x32 Version: 2) Adobe Type Support CS4 (x32 Version: 9.0) Adobe Type Support x64 CS4 (Version: 9.0) Adobe Update Manager CS4 (x32 Version: 6.0.0) Adobe WinSoft Linguistics Plugin (x32 Version: 1.1) Adobe WinSoft Linguistics Plugin x64 (Version: 1.1) Adobe XMP Panels CS4 (x32 Version: 2.0) AdobeColorCommonSetCMYK (x32 Version: 2.0) AdobeColorCommonSetRGB (x32 Version: 2.0) AIO_CDB_ProductContext (x32 Version: 82.0.242.000) AIO_CDB_Software (x32 Version: 82.0.242.000) AIO_CDB_ToolboxIni64 (Version: 82.0.242.000) AIO_Scan (x32 Version: 82.0.173.000) AOL Toolbar 5.0 (x32 Version: 5.2.78.2) Apple Software Update (x32 Version: 2.1.1.116) Assassin's Creed (x32 Version: 1.02) Auslogics Disk Defrag (x32 Version: version 3.4) AVerMedia A309 (MiniCard, DVB-T) 1.0.64.45 (x32 Version: 1.0.64.45) Avid EDL Manager (x32 Version: 27.5.2) Avid FilmScribe (x32 Version: 27.5.2) Avid Log Exchange (x32 Version: 27.5.2) Avid Media Composer (x32 Version: 5.5.2) Avid MediaLog (x32 Version: 27.5.2) Bejeweled® 3 (x32 Version: 1.1.13.4753) BufferChm (x32 Version: 82.0.173.000) CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.7.0.4) Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.3.9) Canon MOV Decoder (x32 Version: 
1.4.0.15) Canon MOV Encoder (x32 Version: 1.2.0.10) Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.3.0.15) Canon Utilities CameraWindow (x32 Version: 7.3.0.4) Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.5.0.3) Canon Utilities Digital Photo Professional 3.7 (x32 Version: 3.7.1.1) Canon Utilities EOS Utility (x32 Version: 2.7.0.2) Canon Utilities MyCamera (x32 Version: 7.3.0.5) Canon Utilities PhotoStitch (x32 Version: 3.1.22.46) Canon Utilities Picture Style Editor (x32 Version: 1.6.0.0) Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.8.0.1) Canon Utilities WFT-E1/E2/E3/E4/E5 Utility (x32 Version: 3.4.0.2) Canon Utilities ZoomBrowser EX (x32 Version: 6.4.1.11) Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.2.2.11) CCleaner (Version: 3.19) CINEMA 4D 11.514 (Version: 11.514) CINEMA 4D 12.048 (Version: 12.048) CINEMA 4D 13.061 (Version: 13.061) CINEMA 4D 14.041 (Version: 14.041) CINEMA 4D Demo 11.514 (Version: 11.514) CINEMA 4D Demo 12.021 (Version: 12.021) CINEMA 4D Release 11 (x32) CINEMA 4D Release 11 Architecture Extension Kit (x32) Compatibility Pack für 2007 Office System (x32 Version: 12.0.4518.1014) Connect (x32 Version: 1.0.0.1) Copy (x32 Version: 82.0.188.000) CustomerResearchQFolder (x32 Version: 1.00.0000) CyberLink DVD Suite (x32 Version: 6.0.2203) Destinations (x32 Version: 82.0.173.000) DeviceManagementQFolder (x32 Version: 1.00.0000) Diablo II (HKCU) Diablo II (x32) DigitalPersona Personal 3.1.0 (Version: 3.1.0.3276) DocProc (x32 Version: 8.1.0.0) DocProcQFolder (x32 Version: 1.00.0000) Dropbox (HKCU Version: 2.0.22) ESU for Microsoft Vista (x32 Version: 1.0.0) eSupportQFolder (x32 Version: 1.00.0000) EVEREST Home Edition v2.20 (x32 Version: 2.20) Fallout 3 (x32 Version: 1.00.0000) Fax (x32 Version: 82.0.188.000) Firestorm-Release (remove only) (x32 Version: 4.4.2.34167) Free RAR Extract Frog (x32 Version: 1.80) Gothic 3 (x32 Version: 1.0.0) GoToMeeting 5.5.0.1132 (HKCU Version: 
5.5.0.1132) HBP (C:\Program Files (x86)\HBP) (x32 Version: ) HP Customer Experience Enhancements (x32 Version: 6.0.1.3) HP Customer Participation Program 8.0 (Version: 8.0) HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät (Version: 25.0.571.0) HP Deskjet 3070 B611 series Hilfe (x32 Version: 140.0.2.2) HP Doc Viewer (x32 Version: 1.01.0005) HP Imaging Device Functions 8.0 (Version: 8.0) HP Integrated Module with Bluetooth wireless technology 6.0.1.6204 (Version: 6.0.1.6204) HP MediaSmart DVD (x32 Version: 2.0.2126) HP MediaSmart Music/Photo/Video (x32 Version: 2.0.2125) HP MediaSmart SmartMenu (Version: 2.0.8) HP MediaSmart TV (x32 Version: 2.0.0924) HP MediaSmart Webcam (x32 Version: 2.0.0926) HP OCR Software 8.0 (Version: 8.0) HP Photosmart Essential (x32 Version: 1.12.0.46) HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (Version: 8.0) HP Quick Launch Buttons (x32 Version: 6.50.13.1) HP Solution Center 8.0 (Version: 8.0) HP Total Care Advisor (x32 Version: 2.4.4821.2785) HP Update (x32 Version: 4.000.009.002) HP User Guides 0115 (x32 Version: 1.04.0000) HP Wireless Assistant (x32 Version: 3.00 K2) HPProductAssistant (x32 Version: 82.0.173.000) HPSSupply (x32 Version: 2.1.3.0000) HPTCSSetup (x32 Version: 1.1.1963.2799) IDT Audio (x32 Version: 1.0.6047.5) inSSIDer 3 (x32 Version: 3.0.6.42) Interlok driver setup x64 (Version: 5.9.0) Java Auto Updater (x32 Version: 2.1.6.0) Java(TM) 6 Update 31 (x32 Version: 6.0.310) Java(TM) 6 Update 7 (x32 Version: 1.6.0.70) Java(TM) 7 Update 5 (x32 Version: 7.0.50) JavaFX 2.1.1 (x32 Version: 2.1.1) JMicron JMB38X Flash Media Controller (x32 Version: 1.00.18.07) Keying Suite 64-bit (Version: 11.0.1) Keying Suite 64-bit (x32 Version: 11.0.1) kuler (x32 Version: 2.0) LabelPrint (x32 Version: 2.5.0926) LightScribe System Software 1.14.17.1 (x32 Version: 1.14.17.1) MacDrive 9 Pro (Version: 9.0.6.4) Magic Bullet Colorista II 64 Bit (Version: 1.0.1) Magic Bullet Colorista II 64 Bit (x32 
Version: 1.0.1) MarketResearch (x32 Version: 82.0.174.000) Mastering Effects Bundle 2 for Sound Forge Pro (x32 Version: 2.00) MetaSync (x32 Version: 27.5.2) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729) Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729) Microsoft .NET Framework 4.5 (Version: 4.5.50709) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (x32 Version: 2.0.48.0) Microsoft Games for Windows - LIVE (x32 Version: 3.0.89.0) Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.0.19.0) Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.4518.1014) Microsoft Office Professional Edition 2003 (x32 Version: 11.0.6361.0) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Works (x32 Version: 
9.7.0621) Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1) Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1) Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) mIRC (x32 Version: 7.29) mocha Pro V3.0.2-5102 (Version: 3.02.5102) Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0) Mozilla Maintenance Service (x32 Version: 24.0) MSVC80_x64 (Version: 1.0.1.0) MSVC80_x64_v2 (Version: 1.0.3.0) MSVC80_x86 (x32 Version: 1.0.1.0) MSVC80_x86_v2 (x32 Version: 1.0.3.0) MSVC90_x64 (Version: 1.0.1.2) MSVC90_x86 (x32 Version: 1.0.1.2) MSVCRT (x32 Version: 14.0.1468.721) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) muvee Reveal (x32 Version: 7.0.35.6951) My HP Games (x32 Version: 1.0.0.62) NetDeviceManager64 (Version: 82.0.173.000) Nexus Mod Manager (Version: 0.13.1) NirSoft Wireless Network Watcher (x32) Noise Reduction Plug-in 2.0i (x32 Version: 2.0.455) Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0) Nokia Map Loader (x32 Version: 3.0.22) Nokia PC Suite (x32 Version: 7.1.51.0) Nokia Software Updater (x32 Version: 02.06.001.43673) Nokia Suite (x32 Version: 3.4.49.0) Norton Internet Security (x32 Version: 20.4.0.40) Notepad++ (x32 Version: 5.9.2) Nuke 6.2v1 NVIDIA 3D Vision Controller Driver (x32 Version: 275.33) NVIDIA 3D Vision Controller-Treiber 
302.59 (Version: 302.59) NVIDIA Grafiktreiber 302.59 (Version: 302.59) NVIDIA HD-Audiotreiber 1.3.15.0 (Version: 1.3.15.0) NVIDIA Install Application (Version: 2.1002.75.420) NVIDIA PhysX (x32 Version: 9.12.0213) NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213) NVIDIA Systemsteuerung 302.59 (Version: 302.59) Origin (x32 Version: 9.1.10.2728) PC Connectivity Solution (x32 Version: 12.0.17.0) PDF Settings CS4 (x32 Version: 9.0) PDF Settings CS5 (x32 Version: 10.0) Pegasus Mail (x32) PhotoNow! (x32 Version: 1.1.5615) Photoshop Camera Raw (x32 Version: 5.0) Photoshop Camera Raw_x64 (Version: 5.0) Pidgin (x32 Version: 2.10.4) Pixel Bender Toolkit (x32 Version: 1.0) Power2Go (x32 Version: 6.0.2202) PowerDirector (x32 Version: 7.0.2201) ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.11) ProtectSmart Hard Drive Protection (Version: 3.10.1.7) PVSonyDll (Version: 1.00.0001) PxMergeModule (x32 Version: 1.00.0000) QLBCASL (x32 Version: 6.40.17.2) QuickTime (x32 Version: 7.62.14.0) Realtek 8169 8168 8101E 8102E Ethernet Driver (x32 Version: 1.00.0000) Scan (x32 Version: 8.1.0.0) SecondLifeViewer (remove only) (x32) Sentinel Protection Installer 7.4.0 (x32 Version: 7.4.0) Shot Designer (x32 Version: 1.1.78) SimCity™ (x32 Version: 1.0.0.0) Skype™ 5.5 (x32 Version: 5.5.124) SolutionCenter (x32 Version: 82.0.188.000) Sony CD Architect 5.2 (x32 Version: 5.2.240) Sony Noise Reduction Plug-In 2.0h (x32 Version: 2.0.451) Sony Sound Forge 9.0 (x32 Version: 9.0.441) Sound Forge Pro 10.0 (x32 Version: 10.0.474) SPORE Creature Creator Trial Edition (x32 Version: 1.00.0000) StarCraft II (x32 Version: 2.0.11.26825) Status (x32 Version: 82.0.173.000) Steam (x32 Version: 1.0.0.0) Subtitle Workshop 2.51 (x32) Suite Shared Configuration CS4 (x32 Version: 1.0) SuperMailer 5.10 (x32) Synaptics Pointing Device Driver (Version: 11.2.0.0) SynthEyes (x32 Version: 8.0.1007) System Requirements Lab for Intel (x32 Version: 4.5.9.0) The Elder Scrolls V: Skyrim (x32) Toolbox (x32 Version: 
82.0.173.000) Trapcode Particular v2 (x32) Trapcode Suite 64-bit (Version: 11.0.2) Trapcode Suite 64-bit (x32 Version: 11.0.2) TrayApp (x32 Version: 82.0.188.000) TURBULENCE.4D R11.5 Beta2p1 (x32 Version: Beta2p1) TurbulenceRuntime (x32 Version: 1.0.0) UnloadSupport (x32 Version: 1.00.0000) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1) Validity Sensors software (Version: 2.7.500) VLC media player 2.0.2 (Version: 2.0.2) Wacom Tablett (x32) WebReg (x32 Version: 82.0.173.000) Winamp (x32 Version: 5.621 ) WinDirStat 1.1.2 (HKCU) Windows 7 Upgrade Advisor (x32 Version: 2.0.5000.0) Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5) Windows Live Call (x32 Version: 14.0.8117.0416) Windows Live Communications Platform (x32 Version: 14.0.8117.416) Windows Live Essentials (x32 Version: 14.0.8117.0416) Windows Live Essentials (x32 Version: 14.0.8117.416) Windows Live Messenger (x32 Version: 14.0.8117.0416) Windows Live-Uploadtool (x32 Version: 14.0.8014.1029) Windows-Treiberpaket - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (Version: 09/04/2008 2.6.0.0) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0) Xilisoft HD Video Converter 6 (x32 Version: 6.6.0.0623) ==================== Restore Points ========================= 13-09-2013 11:03:05 Geplanter Prüfpunkt 15-09-2013 17:51:31 Geplanter Prüfpunkt 19-09-2013 15:43:59 Geplanter Prüfpunkt 20-09-2013 19:06:39 Geplanter Prüfpunkt 22-09-2013 12:55:55 Geplanter Prüfpunkt 24-09-2013 12:28:00 Geplanter Prüfpunkt 25-09-2013 12:59:55 Geplanter Prüfpunkt 26-09-2013 22:00:04 Geplanter Prüfpunkt 19-10-2013 11:20:20 Geplanter Prüfpunkt 20-10-2013 15:45:17 Geplanter Prüfpunkt 21-10-2013 10:06:42 Geplanter Prüfpunkt 22-10-2013 15:27:32 Geplanter Prüfpunkt 23-10-2013 11:56:03 Geplanter Prüfpunkt 25-10-2013 17:40:13 Geplanter Prüfpunkt 27-10-2013 18:27:27 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2006-11-02 13:34 - 2006-09-18 22:37 - 
00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {1B8C6AB4-8A8B-49B5-99FE-81944667ABDA} - System32\Tasks\{2B97425E-AED1-45A4-AD15-B18C4A9D7118} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {2863705F-3D7A-4BF8-BC48-53C842C08E26} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\symerr.exe [2013-06-04] (Symantec Corporation) Task: {35A987B7-7B7A-43BC-A33D-F3A392DE49BD} - System32\Tasks\AdobeAAMUpdater-1.0-screeno-mobil2-admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-03-06] (Adobe Systems Incorporated) Task: {779776FC-886B-43BB-94DB-0D5D7E9C7B30} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\symerr.exe [2013-06-04] (Symantec Corporation) Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {80E2B48D-C033-4877-9A2F-9E053941068E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe Task: {80EFB117-0BF8-4480-B3C3-DCE7510564FE} - System32\Tasks\Microsoft\Windows\RestartManager\{2E89C2F9-3D25-4787-B4E9-D1648DF1E5A8} => C:\Windows\System32\RmClient.exe [2006-11-02] (Microsoft Corporation) Task: {9F7F5D91-248E-45D5-B326-D06CE2617B65} - System32\Tasks\CreateChoiceProcessTask => 
C:\Windows\System32\browserchoice.exe [2010-02-24] (Microsoft Corporation) Task: {B11FE2B7-24E2-44AC-9B28-3648F7CE0D17} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe [2008-01-21] (Microsoft Corporation) Task: {D500FC6A-C483-4366-A1DA-5FD8EDB9CB53} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wscstub.exe [2013-06-04] (Symantec Corporation) Task: {E85C8387-FFBA-4A68-9502-35F371F13DEF} - System32\Tasks\HPCeeScheduleForadmin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07] (Hewlett-Packard) Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] () Task: C:\Windows\Tasks\HPCeeScheduleForadmin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2011-02-09 01:56 - 2011-02-09 01:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll 2008-06-19 13:59 - 2008-06-19 13:59 - 00167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll 2008-09-24 18:07 - 2008-09-24 18:07 - 00074536 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll 2008-10-27 02:45 - 2008-10-06 09:54 - 00132480 _____ () C:\Program Files (x86)\SMINST\STWmiM.dll 2008-09-24 18:08 - 2008-09-24 18:08 - 00267656 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll 2008-09-24 18:08 - 2008-09-24 18:08 - 00038184 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll 2013-06-19 00:41 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 08506280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll 2012-05-16 14:45 - 
2012-05-16 14:45 - 02353576 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 01013672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00363944 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 02480552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 01346472 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00205736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 02652584 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00032680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00035240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00206760 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 11166120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00276392 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll 2012-05-16 12:46 - 2012-05-16 12:46 - 00391056 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll 2012-05-16 12:46 - 2012-05-16 12:46 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll 2012-05-16 14:44 - 2012-05-16 14:44 - 00437672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00445864 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00520104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll 2012-05-16 14:45 - 2012-05-16 14:45 - 00720296 _____ () C:\Program Files 
(x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-05-16 14:44 - 2012-05-16 14:44 - 00604072 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-05-16 12:45 - 2012-05-16 12:45 - 00110080 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2007-07-12 13:55 - 2007-07-12 13:55 - 01581056 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2007-08-14 13:59 - 2007-08-14 13:59 - 06365184 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2007-07-12 13:55 - 2007-07-12 13:55 - 00131072 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\admin\AppData\Roaming\Dropbox\bin\libcef.dll
2008-09-24 18:08 - 2008-09-24 18:08 - 00349480 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
2008-09-25 18:42 - 2008-09-25 18:42 - 00881960 ____N () C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\admin\Cookies:3Bgrmfn91Flmjoc2Bhuni14YR
AlternateDataStreams: C:\Users\admin\Cookies:BySDur7g7bEE6dhw5P7dRLBRka
AlternateDataStreams: C:\Users\admin\Cookies:ZYkmRA80KkEWhyDhwVZV3jV9LC
AlternateDataStreams: C:\Users\admin\Lokale Einstellungen:E7bxoyeraG8aPWibZekoh
AlternateDataStreams: C:\Users\admin\AppData\Local:E7bxoyeraG8aPWibZekoh
AlternateDataStreams: C:\Users\admin\AppData\Local\Anwendungsdaten:E7bxoyeraG8aPWibZekoh
AlternateDataStreams: C:\Users\admin\AppData\Local\Elv5qQdZMK1:pvvjGxp8OJu58G5ST
AlternateDataStreams: C:\Users\admin\AppData\Local\Temporary Internet Files:BT9AbDHCTbRGJiA79s8juLmjgP
AlternateDataStreams: C:\Users\admin\AppData\Local\Temporary Internet Files:lU2fNJ0VZGcs3qSWIGJBGC2RDo

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 3200 series
Description: Photosmart 3200 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 3390
Description: HP LaserJet 3390
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2013 11:06:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (10/29/2013 11:01:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 10:47:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (10/29/2013 10:45:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 10:33:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 01:50:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 01:09:06 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Details: Could not query the status of the EventSystem service. System Error: Der Computer wird heruntergefahren.

Error: (10/29/2013 00:59:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (10/29/2013 00:37:41 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (10/29/2013 00:37:13 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

System errors:
=============
Error: (10/29/2013 11:03:03 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (10/29/2013 11:03:03 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (10/29/2013 11:01:53 AM) (Source: Service Control Manager) (User: )
Description: acedrv07 Aspi32

Error: (10/29/2013 11:00:43 AM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (10/29/2013 11:00:37 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\Aspi32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (10/29/2013 11:00:02 AM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Error: (10/29/2013 10:46:55 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (10/29/2013 10:46:55 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (10/29/2013 10:45:14 AM) (Source: Service Control Manager) (User: )
Description: acedrv07 Aspi32

Error: (10/29/2013 10:44:06 AM) (Source: volmgr) (User: )
Description: Die Konfiguration der Auslagerungsdatei für das Speicherabbild ist fehlgeschlagen. Stellen Sie sicher, dass eine Auslagerungsdatei auf der Startpartition vorhanden ist und dass diese groß genug ist, um den gesamten physikalischen Speicher abbilden zu können.

Microsoft Office Sessions:
=========================
Error: (10/29/2013 11:06:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (10/29/2013 11:01:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 10:47:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (10/29/2013 10:45:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 10:33:53 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 01:50:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/29/2013 01:09:06 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: Details: Could not query the status of the EventSystem service. System Error: Der Computer wird heruntergefahren.

Error: (10/29/2013 00:59:26 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (10/29/2013 00:37:41 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe

Error: (10/29/2013 00:37:13 AM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

CodeIntegrity Errors:
===================================
Date: 2013-10-29 11:00:41.470
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 11:00:41.392
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:44:05.107
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:44:05.029
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:32:43.793
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:32:43.715
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:29:44.807
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:29:44.713
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:27:12.275
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-10-29 10:27:12.197
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\acedrv07.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 4062.25 MB
Available physical RAM: 1976.37 MB
Total Pagefile: 4157.5 MB
Available Pagefile: 1939.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:453.82 GB) (Free:23.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:11.94 GB) (Free:1.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:1.87 GB) (Free:0.16 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 9E3B397D)
Partition 1: (Active) - (Size=454 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 309E7FF5)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-10-29 11:54:50
Windows 6.0.6002 Service Pack 2 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BEVT-60ZAT0 rev.01.01A01 465,76GB
Running: nb0ipvpy.exe; Driver: C:\Users\admin\AppData\Local\Temp\kftiypod.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

---- User code sections - GMER 2.1 ----

.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 0000000077889758 5 bytes JMP 000000010021091c
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 00000000778898a8 5 bytes JMP 0000000100210048
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 0000000077889938 5 bytes JMP 00000001002102ee
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 0000000077889a88 5 bytes JMP 00000001002104b2
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 0000000077889ab8 5 bytes JMP 00000001002109fe
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 0000000077889ae8 5 bytes JMP 0000000100210ae0
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 0000000077889b00 5 bytes JMP 0000000100020050
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 000000007788a208 5 bytes JMP 000000010021012a
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 000000007788a2e0 5 bytes JMP 0000000100210758
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 000000007788a2f8 5 bytes JMP 0000000100210676
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 000000007788a7d0 5 bytes JMP 00000001002103d0
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 000000007788b24c 5 bytes JMP 0000000100210594
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 000000007788b4d4 5 bytes JMP 000000010021083a
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 000000007788b624 5 bytes JMP 000000010021020c
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!OpenSCManagerA + 293 0000000075962eb8 7 bytes JMP 00000001002202f4
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!CloseServiceHandle + 170 000000007596834f 7 bytes JMP 0000000100210d8a
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!CreateServiceW + 255 0000000075989fb3 7 bytes JMP 0000000100210ca6
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!ControlService + 193 000000007598a079 7 bytes JMP 00000001002203d8
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!I_ScGetCurrentGroupStateW + 143 00000000759c6629 7 bytes JMP 0000000100210f52
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!ControlServiceExA + 270 00000000759c673c 7 bytes JMP 0000000100210bc2
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!SetServiceObjectSecurity + 251 00000000759c6dd4 7 bytes JMP 0000000100220210
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA + 419 00000000759c6f7c 2 bytes JMP 0000000100220048
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfigA + 422 00000000759c6f7f 4 bytes [85, 8A, EB, F9]
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\ADVAPI32.dll!ChangeServiceConfig2W + 187 00000000759c729c 7 bytes JMP 0000000100210e6e
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\USER32.dll!EnumDisplayDevicesA + 338 0000000076e06539 7 bytes JMP 000000010022059e
.text F:\rescue\nb0ipvpy.exe[5548] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 874 0000000076e2ab52 7 bytes JMP 00000001002204bc

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification
INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification
INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification
INITKDBG C:\Windows\system32\ntoskrnl.exe suspicious modification

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [1440:1632] 000007fefc20b8ec
Thread C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [1440:1696] 000007fefb9001d0
Thread C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [1440:1700] 000007fefb900c84
Thread C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [1440:1704] 000007fefb9016b8
Thread C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [1440:1708] 000007fefb901e84
Thread [1044:3968] 000000007790810d
Thread [1044:3256] 000000007388c59c
Thread [1044:2536] 000000007388c59c
Thread [1044:3944] 000000007388c59c
Thread [1044:2624] 000000007388c59c
Thread [1044:3604] 000000007388c59c
Thread [1044:3796] 000000007388c59c
Thread [1044:3636] 000000007388c59c
Thread [1044:1112] 000000007388c59c
Thread [1044:1532] 000000007388c59c
Thread [1044:3276] 000000007388c59c
Thread [1044:3964] 000000007388c59c
Thread [1044:1908] 000000007388c59c
Thread [1044:2308] 000000007787dd19
Thread [1044:3868] 000000007388c59c
Thread [1044:3920] 000000007388c59c
Thread [1044:3888] 000000007388c59c
Thread [1044:3304] 0000000075e0c224
Thread [1044:3916] 000000007388c59c
Thread [1044:720] 000000007388c59c
Thread [1044:5972] 0000000076ec3402
Thread [1044:3592] 000000007787dd19

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e40ce9b
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e40ce9b@00266842f803 0x0F 0x18 0x42 0x6F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e40ce9b@001cd4427e78 0x9F 0x8F 0x12 0xCC ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e40ce9b@78ca041a677f 0xBD 0xE3 0x0D 0x51 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces\{07be7a3d-5e87-4b47-8a6f-a952f310102d}@Dhcpv6State 0
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00247e40ce9b (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00247e40ce9b@00266842f803 0x0F 0x18 0x42 0x6F ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00247e40ce9b@001cd4427e78 0x9F 0x8F 0x12 0xCC ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00247e40ce9b@78ca041a677f 0xBD 0xE3 0x0D 0x51 ...

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Hope everything is there! Thanks again!

Kind regards, Squirrel