| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung KasperskyWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
06.01.2014, 03:45
| #1 |
 |  Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Hallo ich bin zum ersten mal in einem Board und ich habe Folgendes Problem: habe mir vor gut einer Woche versucht mal Adobe Reader zu downloaden hab aber leider dann bei den ständigen Fragen immer auf weiter oder ja geklickt und anscheinend so dieses Nationzoom und andere zusätzliche software gedownloadet die ich allerdings nicht mehr genau weis. Habe dann bevor ich auf dieses Board gestoßen bin schon einmal selbst etwas probiert. -unter Systemsteuerung Programme deinstallieren die unwichtigen sachen deinstalliert aber da gab es kein Nationzoom. -heute habe ich mir Kaspersky Internet Security 2014 online gekauft und gedownloadet. danach einen Scan durchgeführt und dann hat Kaspersky Maleware entdeckt jedoch konnte ich diese nicht durch Kaspersky beheben. -dann habe ich durch googeln "adwcleaner" gedownloadet und suchlauf durchgeführt dann auf Löschen gedrückt. -Kaspersky zeigt immernoch Maleware an darauf habe ich mir das "Junkware Removal Tool" gedownloadet und ausführen lassen Maleware immer noch vorhanden. Logfile Kaspersky: Code:
ATTFilter Gefundenes Objekt (Datei) wurde nicht verarbeitet C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[1].7z//protector.dll C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[1].7z//protector.dll Trojan.Win32.Bromngr.ae Trojanisches Programm Heute, 20:19
Gefundenes Objekt (Datei) wurde nicht verarbeitet C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[2].7z//protector.dll C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[2].7z//protector.dll Trojan.Win32.Bromngr.ar Trojanisches Programm Heute, 20:19
Gefundenes Objekt (Datei) wurde nicht verarbeitet C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[2].7z//bprotect.exe C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[2].7z//bprotect.exe Trojan.Win32.Bromngr.av Trojanisches Programm Heute, 20:19
Gefundenes Objekt (Datei) wurde nicht verarbeitet C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[1].7z//bprotect.exe C:\Documents and Settings\Kevin K\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KHWS6I6B\pack[1].7z//bprotect.exe Trojan.Win32.Bromngr.v Trojanisches Programm Heute, 20:19
Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 05/01/2014 um 22:13:16
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kevin K - KEVINK-PC
# Gestartet von : C:\Users\Kevin K\Downloads\adwcleaner_3.016.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : Wpm
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\Dealply
Datei Gefunden : C:\Windows\System32\Tasks\DSite
Datei Gefunden : C:\Windows\Tasks\DSite.job
Ordner Gefunden C:\Program Files (x86)\Mobogenie
Ordner Gefunden C:\Program Files (x86)\MyPC Backup
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\DSearchLink
Ordner Gefunden C:\ProgramData\WPM
Ordner Gefunden C:\Users\Kevin K\AppData\Local\Mobogenie
Ordner Gefunden C:\Users\Kevin K\AppData\LocalLow\Mysearchdial
Ordner Gefunden C:\Users\Kevin K\AppData\Roaming\Advanced System Protector
Ordner Gefunden C:\Users\Kevin K\AppData\Roaming\BabSolution
Ordner Gefunden C:\Users\Kevin K\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\Kevin K\AppData\Roaming\DealPly
Ordner Gefunden C:\Users\Kevin K\AppData\Roaming\DSite
Ordner Gefunden C:\Users\Kevin K\AppData\Roaming\Systweak
Ordner Gefunden C:\Users\Kevin K\Documents\Mobogenie
***** [ Verknüpfungen ] *****
Verknüpfung Gefunden : C:\Users\Kevin K\Desktop\Internet Explorer (64-bit).lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN )
Verknüpfung Gefunden : C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN )
Verknüpfung Gefunden : C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN )
Verknüpfung Gefunden : C:\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN )
Verknüpfung Gefunden : C:\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN )
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\dedcd8b63eba43
Schlüssel Gefunden : HKCU\Software\dsiteproducts
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr
Schlüssel Gefunden : [x64] HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : [x64] HKCU\Software\dsiteproducts
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro
Schlüssel Gefunden : [x64] HKCU\Software\SmartBar
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\dedcd8b63eba43
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\Software\mysearchdial
Schlüssel Gefunden : HKLM\Software\nationzoomSoftware
Schlüssel Gefunden : HKLM\Software\supWPM
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Uniblue
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5c72d07d-cddf-c00f-0b02-584f67ee857c&searchtype=ds&q={searchTerms}&installDate=29/12/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.nationzoom.com/?type=hp&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5c72d07d-cddf-c00f-0b02-584f67ee857c&searchtype=ds&q={searchTerms}&installDate=29/12/2013
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nationzoom.com/web/?type=ds&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.nationzoom.com/?type=hp&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.nationzoom.com/?type=hp&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nationzoom.com/web/?type=ds&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5c72d07d-cddf-c00f-0b02-584f67ee857c&searchtype=ds&q={searchTerms}&installDate=29/12/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5c72d07d-cddf-c00f-0b02-584f67ee857c&searchtype=ds&q={searchTerms}&installDate=29/12/2013
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5c72d07d-cddf-c00f-0b02-584f67ee857c&searchtype=ds&q={searchTerms}&installDate=29/12/2013
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=5c72d07d-cddf-c00f-0b02-584f67ee857c&searchtype=ds&q={searchTerms}&installDate=29/12/2013
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nationzoom.com/web/?type=ds&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.nationzoom.com/?type=hp&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.nationzoom.com/?type=hp&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nationzoom.com/web/?type=ds&ts=1388323891&from=tugs&uid=INTELXSSDSA2BW160G3H_CVPR144609RU160DGN&q={searchTerms}
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [10840 octets] - [05/01/2014 22:13:16]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10901 octets] ##########
Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 05/01/2014 um 22:15:09
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kevin K - KEVINK-PC
# Gestartet von : C:\Users\Kevin K\Downloads\adwcleaner_3.016.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : Wpm
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\Kevin K\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Kevin K\AppData\LocalLow\Mysearchdial
Ordner Gelöscht : C:\Users\Kevin K\AppData\Roaming\Advanced System Protector
Ordner Gelöscht : C:\Users\Kevin K\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Kevin K\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Kevin K\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Kevin K\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Kevin K\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Kevin K\Documents\Mobogenie
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\System32\Tasks\DSite
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Kevin K\Desktop\Internet Explorer (64-bit).lnk
Verknüpfung Desinfiziert : C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKCU\Software\dedcd8b63eba43
Schlüssel Gelöscht : HKLM\SOFTWARE\dedcd8b63eba43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\nationzoomSoftware
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DomaIQ
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11070 octets] - [05/01/2014 22:13:16]
AdwCleaner[S0].txt - [7903 octets] - [05/01/2014 22:15:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7963 octets] ##########
Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 05/01/2014 um 22:23:07
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kevin K - KEVINK-PC
# Gestartet von : C:\Users\Kevin K\Downloads\adwcleaner_3.016.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11070 octets] - [05/01/2014 22:13:16]
AdwCleaner[R1].txt - [733 octets] - [05/01/2014 22:23:07]
AdwCleaner[S0].txt - [8095 octets] - [05/01/2014 22:15:09]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [852 octets] ##########
Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 05/01/2014 um 22:24:33
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kevin K - KEVINK-PC
# Gestartet von : C:\Users\Kevin K\Downloads\adwcleaner_3.016.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [11070 octets] - [05/01/2014 22:13:16]
AdwCleaner[R1].txt - [931 octets] - [05/01/2014 22:23:07]
AdwCleaner[S0].txt - [8095 octets] - [05/01/2014 22:15:09]
AdwCleaner[S1].txt - [853 octets] - [05/01/2014 22:24:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [912 octets] ##########
Code:
ATTFilter C:\ProgramData\DSearchLink\DSearchLink.exe->C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir
C:\ProgramData\WPM\wprotectmanager.exe->C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir
C:\Program Files (x86)\Mobogenie\AndroidClient.apk->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\AndroidClient.apk.vir
C:\Program Files (x86)\Mobogenie\ok.htm->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\ok.htm.vir
C:\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_UnRegisterExtensions.exe.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\client.time->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\client.time.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\damo.time->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\damo.time.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\DayAdded->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\DayAdded.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\failed.devices->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\failed.devices.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\mobo.uuid->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\mobo.uuid.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\Source.mu->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\Source.mu.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\updatepop.time->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\updatepop.time.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\Version\CacheVersion\release-update.xml->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\Version\CacheVersion\release-update.xml.vir
C:\Users\Kevin K\AppData\Local\Mobogenie\Data\mobogenie_u_user_dl.mg->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Mobogenie\Data\mobogenie_u_user_dl.mg.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\BabMaint.exe->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\BuenoSearch.ico->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\BuenoSearch.ico.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\BUSolution.dll->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\BUSolution.dll.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\chu.js->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\chu.js.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\GUninstaller.exe->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\GUninstaller.exe.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\SetupParams.ini->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\SetupParams.ini.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\Shared\sqlite3.dll->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\Shared\sqlite3.dll.vir
C:\Users\Kevin K\AppData\Roaming\BabSolution\CR\bueno.crx->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\BabSolution\CR\bueno.crx.vir
C:\Users\Kevin K\AppData\Roaming\Babylon\log_file.txt->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\Babylon\log_file.txt.vir
C:\Users\Kevin K\AppData\Roaming\DealPly\UpdateProc\config.dat->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\DealPly\UpdateProc\config.dat.vir
C:\Users\Kevin K\AppData\Roaming\DSite\UpdateProc\config.dat->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\DSite\UpdateProc\config.dat.vir
C:\Users\Kevin K\AppData\Roaming\DSite\UpdateProc\TTL.DAT->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\DSite\UpdateProc\TTL.DAT.vir
C:\Users\Kevin K\AppData\Roaming\Systweak\ssd\SSDPTstub.exe->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir
C:\Windows\System32\roboot64.exe->C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir
C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx.vir
C:\Windows\System32\Tasks\Dealply->C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Dealply.vir
C:\Windows\Tasks\DSite.job->C:\AdwCleaner\Quarantine\C\Windows\Tasks\DSite.job.vir
C:\Windows\System32\Tasks\DSite->C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\DSite.vir
C:\Users\Kevin K\Desktop\Internet Explorer (64-bit).lnk->C:\AdwCleaner\Quarantine\C\Users\Kevin K\Desktop\Internet Explorer (64-bit).lnk.vir
C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk.vir
C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk.vir
C:\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk.vir
C:\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk->C:\AdwCleaner\Quarantine\C\Users\Kevin K\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk.vir
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kevin K on 05.01.2014 at 22:41:20,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3676114898-733086538-724913405-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411391124}
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.01.2014 at 22:46:42,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
06.01.2014, 09:04
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
06.01.2014, 17:01
| #3 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Danke für die schnelle Antwort
__________________ Nein habe sonst keine weiteren Logfiles habe dieses Notebook erst seit nen guten Monat und habe es auch nicht oft genutzt bis jetzt deshalb hatte ich noch kein Antivirus Programm installiert und eben als ich gemerkt hatte das sich immer neue seiten öffnen und als Startseite immer Nationzoom kommt habe ich mir gestern Kaspersky geholt. Dann als ich Kaspersky mein Notebook untersuchen habe lassen kam Malware warnung die ich nicht beheben konnte und Adware warnung diese ging zu löschen nur nicht dieses Malware Problem und dann habe ich eben wie im vorrigen Post die anderen zwei programme heruntergeladen und davon habe ich die Logfiles gepostet. Was ich noch hinzufügen muss das ich Kaspersky auch nach dem ersten mal durchsuchen wider Deinstalliert habe weil ich gedacht habe kann nicht sein das er mir immer noch Malware anzeigt weil ich den entsprechenden Pfad nicht gefunden hab  .Sollte ich mir vor dem FRTS scan noch das Programm Malewarebytes herunterladen und durchsuchen lassen ? weil das habe ich jetzt nicht gemacht eben deswegen da ich gelesen hab das man nicht mehr eigenständig etwas unternehmen soll. Hier die entsprechende FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Kevin K (administrator) on KEVINK-PC on 06-01-2014 16:49:07
Running from C:\Users\Kevin K\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Akamai Technologies, Inc.) C:\Users\Kevin K\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Akamai Technologies, Inc.) C:\Users\Kevin K\AppData\Local\Akamai\netsession_win.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-09-21] (IDT, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2013-09-21] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-06-14] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [DpAgent] - C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe [842816 2009-12-01] (DigitalPersona, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Kevin K\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [Autodesk Sync] - C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
MountPoints2: {7a9c5c75-22ed-11e3-be0d-806e6f6e6963} - F:\setup.exe
MountPoints2: {9ea60ecc-22fd-11e3-adee-806e6f6e6963} - E:\SETUP.EXE
AppInit_DLLs: [ ] ()
Lsa: [Notification Packages] scecli DPPWDFLT
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1D15D9D4FFB6CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr&cd=2XzuyEtN2Y1L1QzuyE0C0E0ByEtBtC0EtA0E0EtAtBtB0FtBtN0D0Tzu0SyBtCtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=353117069&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.dll (HP)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR RestoreOnStartup: "hxxp://google.de/"
CHR Extension: (Google Docs) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\14.0.0.4651_0
CHR Extension: (Safe Money) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\14.0.0.4651_0
CHR Extension: (Dangerous Websites Blocker) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\14.0.0.4651_0
CHR Extension: (Virtual Keyboard) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\14.0.0.4816_0
CHR Extension: (Google Wallet) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Anti-Banner) - C:\Users\Kevin K\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\14.0.0.4651_0
CHR HKLM-x32\...\Chrome\Extension: [acfoobbgoakpihljnfedbcfaipcdlfhk] - C:\Users\Kevin K\AppData\Roaming\BabSolution\CR\bueno.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-05] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2014-01-05] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-05] (Kaspersky Lab ZAO)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-06 16:49 - 2014-01-06 16:49 - 00017254 _____ C:\Users\Kevin K\Downloads\FRST.txt
2014-01-06 16:48 - 2014-01-06 16:48 - 00000000 ____D C:\FRST
2014-01-06 16:46 - 2014-01-06 16:46 - 01931762 _____ (Farbar) C:\Users\Kevin K\Downloads\FRST64.exe
2014-01-06 04:23 - 2014-01-06 04:24 - 00000000 ____D C:\Windows\system32\MRT
2014-01-06 04:23 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-06 03:57 - 2014-01-06 03:57 - 00000000 ____D C:\Program Files\IDT
2014-01-05 22:46 - 2014-01-05 22:46 - 00000965 _____ C:\Users\Kevin K\Desktop\JRT.txt
2014-01-05 22:41 - 2014-01-05 22:41 - 00000000 ____D C:\Windows\ERUNT
2014-01-05 22:40 - 2014-01-05 22:40 - 01036305 _____ (Thisisu) C:\Users\Kevin K\Desktop\JRT.exe
2014-01-05 22:13 - 2014-01-05 22:24 - 00000000 ____D C:\AdwCleaner
2014-01-05 22:11 - 2014-01-05 22:11 - 01233962 _____ C:\Users\Kevin K\Desktop\adwcleaner_3.016.exe
2014-01-05 21:56 - 2014-01-05 21:56 - 00001539 _____ C:\Users\Kevin K\Desktop\Detaillierter Bericht Maleware.txt
2014-01-05 20:04 - 2014-01-05 20:04 - 00002330 _____ C:\Users\Kevin K\Desktop\Sicherer Zahlungsverkehr.lnk
2014-01-05 20:03 - 2014-01-06 16:33 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-05 20:03 - 2014-01-05 20:12 - 00620640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-05 20:03 - 2014-01-05 20:03 - 00001124 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-01-05 20:03 - 2014-01-05 20:03 - 00000000 ____D C:\Windows\ELAMBKUP
2014-01-05 20:03 - 2014-01-05 20:03 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2014-01-05 20:03 - 2013-06-08 20:18 - 00112224 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-01-05 20:03 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-01-05 16:18 - 2014-01-05 20:02 - 00000000 ____D C:\Users\Kevin K\Desktop\Yamaha Raptor
2014-01-05 15:34 - 2014-01-05 17:44 - 256314176 _____ C:\Users\Kevin K\Downloads\kis14.0.0.4651abDE_5169.exe
2014-01-05 01:22 - 2014-01-05 01:22 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\Symantec
2014-01-05 01:12 - 2014-01-05 01:12 - 00000000 ____D C:\Program Files\Validity Sensors
2014-01-05 01:07 - 2011-08-09 08:28 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2014-01-05 01:05 - 2011-04-15 16:00 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-01-05 00:58 - 2014-01-05 00:58 - 00003170 _____ C:\Windows\System32\Tasks\{E461BF0B-C3E4-4B7F-BFB8-DABAC4174951}
2014-01-05 00:57 - 2014-01-05 00:57 - 00003180 _____ C:\Windows\System32\Tasks\{FC182135-FA14-4D5E-9D14-7F8A8A26DBFD}
2014-01-04 21:36 - 2014-01-04 21:36 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-04 21:35 - 2014-01-06 16:33 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 21:35 - 2014-01-06 03:57 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 21:35 - 2014-01-04 23:52 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-04 21:35 - 2014-01-04 23:52 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-04 21:35 - 2014-01-04 21:35 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Deployment
2014-01-04 21:35 - 2014-01-04 21:35 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Apps\2.0
2013-12-31 02:40 - 2014-01-02 18:01 - 00000000 ____D C:\Users\Kevin K\Desktop\Skyline Leistungsdiagramme
2013-12-30 22:59 - 2014-01-05 01:26 - 00000000 ____D C:\Users\Kevin K\Desktop\Autos Berechnungen
2013-12-29 14:32 - 2014-01-05 20:02 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\newnext.me
2013-12-29 14:32 - 2013-12-29 14:32 - 00000000 ____D C:\Users\Kevin K\AppData\Local\genienext
2013-12-29 14:32 - 2013-12-29 14:32 - 00000000 ____D C:\Users\Kevin K\.android
2013-12-29 14:23 - 2014-01-05 17:42 - 00000000 ____D C:\Users\Kevin K\Desktop\Projekt Quad
2013-12-29 14:11 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-29 14:11 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-29 14:11 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-29 14:11 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-29 14:11 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-29 14:11 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-29 14:11 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-29 14:11 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-29 14:11 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-29 14:11 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-29 14:11 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-29 14:11 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-29 14:11 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-29 14:11 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-29 14:11 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-29 14:11 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-29 14:11 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-29 14:11 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-29 14:11 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-29 14:11 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-29 14:11 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-29 14:11 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-29 14:11 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-29 14:11 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-29 14:11 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-29 14:11 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-29 14:11 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-29 14:11 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-29 14:11 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-29 14:11 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-29 14:11 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-24 01:49 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-24 01:47 - 2013-12-24 01:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-24 01:47 - 2013-12-24 01:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-24 01:47 - 2013-12-24 01:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-24 01:47 - 2013-12-24 01:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-24 01:47 - 2013-12-24 01:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-24 01:47 - 2013-12-24 01:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-24 01:47 - 2013-12-24 01:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-24 01:46 - 2013-12-24 01:49 - 00010277 _____ C:\Windows\IE11_main.log
2013-12-24 01:44 - 2013-12-24 01:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-24 01:44 - 2013-12-24 01:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-24 01:06 - 2013-12-24 01:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-12-24 01:01 - 2013-12-24 01:01 - 00003484 _____ C:\Windows\System32\Tasks\KMS Activation
2013-12-24 00:57 - 2013-12-24 00:57 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-12-24 00:57 - 2013-12-24 00:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-24 00:56 - 2013-12-24 00:56 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-24 00:56 - 2013-12-24 00:56 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-12-24 00:56 - 2013-12-24 00:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-12-24 00:53 - 2013-12-24 00:56 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 __RHD C:\MSOCache
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-24 00:52 - 2013-12-24 00:52 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\WinRAR
2013-12-24 00:44 - 2014-01-06 16:34 - 00000000 ____D C:\Program Files\KMSpico
2013-12-24 00:41 - 2013-12-24 00:43 - 01954626 _____ (ByELDI) C:\Users\Kevin K\Downloads\KMSpico v3.2.exe
2013-12-24 00:35 - 2013-12-24 00:35 - 02083288 _____ C:\Users\Kevin K\Downloads\winrar-x64-501d.exe
2013-12-24 00:35 - 2013-12-24 00:35 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-24 00:35 - 2013-12-24 00:35 - 00000000 ____D C:\Program Files\WinRAR
2013-12-24 00:26 - 2013-12-24 00:47 - 820998144 _____ C:\Users\Kevin K\Documents\OfficeProfessionalPlus_x64_de-de.img
2013-12-11 13:03 - 2013-12-11 13:03 - 00000000 ____D C:\ProgramData\McAfee
2013-12-11 12:49 - 2013-12-11 13:08 - 00000000 ____D C:\ProgramData\Adobe
2013-12-11 12:46 - 2013-12-25 19:26 - 00000000 ____D C:\Users\wangzhisong
2013-12-11 12:46 - 2013-12-11 12:46 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie
2013-12-11 12:46 - 2013-12-11 12:46 - 00000000 ____D C:\Users\Kevin K\AppData\Local\cache
2013-12-11 12:46 - 2013-12-11 12:46 - 00000000 _____ C:\Users\Kevin K\daemonprocess.txt
2013-12-11 12:43 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 12:43 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 12:43 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 12:43 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 00:44 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 00:44 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 00:44 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 00:44 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 00:44 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 00:44 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 00:44 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 00:44 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 00:44 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 00:44 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 00:44 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 00:44 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 00:44 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 00:44 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 00:44 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 00:44 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 00:44 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 00:44 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 00:44 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
==================== One Month Modified Files and Folders =======
2014-01-06 16:49 - 2014-01-06 16:49 - 00017254 _____ C:\Users\Kevin K\Downloads\FRST.txt
2014-01-06 16:48 - 2014-01-06 16:48 - 00000000 ____D C:\FRST
2014-01-06 16:46 - 2014-01-06 16:46 - 01931762 _____ (Farbar) C:\Users\Kevin K\Downloads\FRST64.exe
2014-01-06 16:40 - 2009-07-14 05:45 - 00015952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 16:40 - 2009-07-14 05:45 - 00015952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 16:39 - 2009-07-14 18:58 - 00699474 _____ C:\Windows\system32\perfh007.dat
2014-01-06 16:39 - 2009-07-14 18:58 - 00149582 _____ C:\Windows\system32\perfc007.dat
2014-01-06 16:39 - 2009-07-14 06:13 - 01619816 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 16:37 - 2013-09-21 19:45 - 01093115 _____ C:\Windows\WindowsUpdate.log
2014-01-06 16:34 - 2013-12-24 00:44 - 00000000 ____D C:\Program Files\KMSpico
2014-01-06 16:33 - 2014-01-05 20:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-06 16:33 - 2014-01-04 21:35 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 16:33 - 2013-09-22 21:58 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-06 16:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 16:33 - 2009-07-14 05:51 - 00017288 _____ C:\Windows\setupact.log
2014-01-06 04:24 - 2014-01-06 04:23 - 00000000 ____D C:\Windows\system32\MRT
2014-01-06 04:22 - 2013-11-17 14:58 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-06 04:22 - 2013-09-21 20:35 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-06 04:09 - 2013-09-22 22:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-06 03:57 - 2014-01-06 03:57 - 00000000 ____D C:\Program Files\IDT
2014-01-06 03:57 - 2014-01-04 21:35 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 03:56 - 2013-09-21 19:56 - 00251904 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2014-01-06 03:56 - 2013-09-21 19:56 - 00000000 ____D C:\SWSetup
2014-01-05 22:46 - 2014-01-05 22:46 - 00000965 _____ C:\Users\Kevin K\Desktop\JRT.txt
2014-01-05 22:41 - 2014-01-05 22:41 - 00000000 ____D C:\Windows\ERUNT
2014-01-05 22:40 - 2014-01-05 22:40 - 01036305 _____ (Thisisu) C:\Users\Kevin K\Desktop\JRT.exe
2014-01-05 22:24 - 2014-01-05 22:13 - 00000000 ____D C:\AdwCleaner
2014-01-05 22:18 - 2013-09-21 20:09 - 00047190 _____ C:\Windows\PFRO.log
2014-01-05 22:15 - 2013-09-21 19:46 - 00000969 _____ C:\Users\Kevin K\Desktop\Internet Explorer (64-bit).lnk
2014-01-05 22:15 - 2013-09-21 19:45 - 00000999 _____ C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-05 22:11 - 2014-01-05 22:11 - 01233962 _____ C:\Users\Kevin K\Desktop\adwcleaner_3.016.exe
2014-01-05 21:56 - 2014-01-05 21:56 - 00001539 _____ C:\Users\Kevin K\Desktop\Detaillierter Bericht Maleware.txt
2014-01-05 21:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2014-01-05 20:12 - 2014-01-05 20:03 - 00620640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-01-05 20:12 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-01-05 20:12 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2014-01-05 20:04 - 2014-01-05 20:04 - 00002330 _____ C:\Users\Kevin K\Desktop\Sicherer Zahlungsverkehr.lnk
2014-01-05 20:03 - 2014-01-05 20:03 - 00001124 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-01-05 20:03 - 2014-01-05 20:03 - 00000000 ____D C:\Windows\ELAMBKUP
2014-01-05 20:03 - 2014-01-05 20:03 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2014-01-05 20:02 - 2014-01-05 16:18 - 00000000 ____D C:\Users\Kevin K\Desktop\Yamaha Raptor
2014-01-05 20:02 - 2013-12-29 14:32 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\newnext.me
2014-01-05 17:44 - 2014-01-05 15:34 - 256314176 _____ C:\Users\Kevin K\Downloads\kis14.0.0.4651abDE_5169.exe
2014-01-05 17:42 - 2013-12-29 14:23 - 00000000 ____D C:\Users\Kevin K\Desktop\Projekt Quad
2014-01-05 01:26 - 2013-12-30 22:59 - 00000000 ____D C:\Users\Kevin K\Desktop\Autos Berechnungen
2014-01-05 01:22 - 2014-01-05 01:22 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\Symantec
2014-01-05 01:22 - 2013-09-21 20:05 - 00000000 ____D C:\Program Files (x86)\Intel
2014-01-05 01:20 - 2013-09-21 19:57 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2014-01-05 01:15 - 2013-09-21 20:22 - 00000000 ____D C:\Program Files (x86)\HP SimplePass
2014-01-05 01:14 - 2013-09-21 20:21 - 00000000 ____D C:\ProgramData\Downloaded Installations
2014-01-05 01:12 - 2014-01-05 01:12 - 00000000 ____D C:\Program Files\Validity Sensors
2014-01-05 01:12 - 2013-09-21 20:01 - 00037276 _____ C:\Windows\DPINST.LOG
2014-01-05 01:12 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2014-01-05 01:11 - 2013-09-21 20:25 - 00001376 _____ C:\Windows\Synaptics.log
2014-01-05 01:09 - 2013-09-21 20:28 - 00000000 ____D C:\Windows\SysWOW64\sda
2014-01-05 01:09 - 2013-09-21 20:25 - 00000000 ____D C:\Program Files (x86)\Realtek
2014-01-05 00:58 - 2014-01-05 00:58 - 00003170 _____ C:\Windows\System32\Tasks\{E461BF0B-C3E4-4B7F-BFB8-DABAC4174951}
2014-01-05 00:57 - 2014-01-05 00:57 - 00003180 _____ C:\Windows\System32\Tasks\{FC182135-FA14-4D5E-9D14-7F8A8A26DBFD}
2014-01-04 23:53 - 2013-09-22 22:22 - 00000000 ____D C:\Program Files\Google
2014-01-04 23:53 - 2013-09-22 22:22 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-04 23:52 - 2014-01-04 21:35 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-04 23:52 - 2014-01-04 21:35 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-04 21:36 - 2014-01-04 21:36 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-04 21:35 - 2014-01-04 21:35 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Deployment
2014-01-04 21:35 - 2014-01-04 21:35 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Apps\2.0
2014-01-04 21:32 - 2013-09-22 22:22 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Google
2014-01-04 21:32 - 2013-09-22 22:22 - 00000000 ____D C:\ProgramData\Google
2014-01-02 18:01 - 2013-12-31 02:40 - 00000000 ____D C:\Users\Kevin K\Desktop\Skyline Leistungsdiagramme
2013-12-29 17:03 - 2013-09-21 19:45 - 00000000 ___RD C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-29 14:32 - 2013-12-29 14:32 - 00000000 ____D C:\Users\Kevin K\AppData\Local\genienext
2013-12-29 14:32 - 2013-12-29 14:32 - 00000000 ____D C:\Users\Kevin K\.android
2013-12-29 14:32 - 2013-09-21 19:45 - 00000000 ____D C:\Users\Kevin K
2013-12-25 19:27 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 19:26 - 2013-12-11 12:46 - 00000000 ____D C:\Users\wangzhisong
2013-12-25 19:26 - 2009-07-14 05:45 - 00550184 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-25 19:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-24 01:50 - 2013-11-17 16:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-24 01:50 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2013-12-24 01:49 - 2013-12-24 01:46 - 00010277 _____ C:\Windows\IE11_main.log
2013-12-24 01:47 - 2013-12-24 01:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-24 01:47 - 2013-12-24 01:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-24 01:47 - 2013-12-24 01:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-24 01:47 - 2013-12-24 01:47 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-24 01:47 - 2013-12-24 01:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-24 01:47 - 2013-12-24 01:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-24 01:47 - 2013-12-24 01:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-24 01:47 - 2013-12-24 01:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-24 01:47 - 2013-12-24 01:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-24 01:45 - 2013-10-18 17:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-24 01:44 - 2013-12-24 01:44 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2013-12-24 01:44 - 2013-12-24 01:44 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2013-12-24 01:06 - 2013-12-24 01:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-12-24 01:01 - 2013-12-24 01:01 - 00003484 _____ C:\Windows\System32\Tasks\KMS Activation
2013-12-24 01:01 - 2013-09-21 19:59 - 00161520 _____ C:\Users\Kevin K\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-24 00:57 - 2013-12-24 00:57 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-12-24 00:57 - 2013-12-24 00:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-24 00:57 - 2009-07-14 19:18 - 00000000 ____D C:\Windows\ShellNew
2013-12-24 00:57 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-24 00:56 - 2013-12-24 00:56 - 00000000 ____D C:\Windows\PCHEALTH
2013-12-24 00:56 - 2013-12-24 00:56 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-12-24 00:56 - 2013-12-24 00:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-12-24 00:56 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 __RHD C:\MSOCache
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-12-24 00:53 - 2013-12-24 00:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-12-24 00:53 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-24 00:52 - 2013-12-24 00:52 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\WinRAR
2013-12-24 00:47 - 2013-12-24 00:26 - 820998144 _____ C:\Users\Kevin K\Documents\OfficeProfessionalPlus_x64_de-de.img
2013-12-24 00:43 - 2013-12-24 00:41 - 01954626 _____ (ByELDI) C:\Users\Kevin K\Downloads\KMSpico v3.2.exe
2013-12-24 00:35 - 2013-12-24 00:35 - 02083288 _____ C:\Users\Kevin K\Downloads\winrar-x64-501d.exe
2013-12-24 00:35 - 2013-12-24 00:35 - 00000000 ____D C:\Users\Kevin K\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-24 00:35 - 2013-12-24 00:35 - 00000000 ____D C:\Program Files\WinRAR
2013-12-24 00:25 - 2013-09-21 21:52 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Akamai
2013-12-24 00:25 - 2013-09-21 19:45 - 00000000 ____D C:\Users\Kevin K\AppData\Local\VirtualStore
2013-12-11 13:11 - 2013-09-22 22:13 - 00000000 ____D C:\Users\Kevin K\AppData\Local\Adobe
2013-12-11 13:08 - 2013-12-11 12:49 - 00000000 ____D C:\ProgramData\Adobe
2013-12-11 13:03 - 2013-12-11 13:03 - 00000000 ____D C:\ProgramData\McAfee
2013-12-11 12:46 - 2013-12-11 12:46 - 00000000 ____D C:\Users\wangzhisong\AppData\Local\Mobogenie
2013-12-11 12:46 - 2013-12-11 12:46 - 00000000 ____D C:\Users\Kevin K\AppData\Local\cache
2013-12-11 12:46 - 2013-12-11 12:46 - 00000000 _____ C:\Users\Kevin K\daemonprocess.txt
2013-12-11 00:41 - 2013-09-22 22:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 00:41 - 2013-09-22 22:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 00:41 - 2013-09-22 22:22 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
Some content of TEMP:
====================
C:\Users\Kevin K\AppData\Local\Temp\76896uninstall.exe
C:\Users\Kevin K\AppData\Local\Temp\AcDeltree.exe
C:\Users\Kevin K\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kevin K\AppData\Local\Temp\Extract.exe
C:\Users\Kevin K\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Kevin K\AppData\Local\Temp\ose00000.exe
C:\Users\Kevin K\AppData\Local\Temp\Quarantine.exe
C:\Users\Kevin K\AppData\Local\Temp\Resource.exe
C:\Users\Kevin K\AppData\Local\Temp\SP54630.exe
C:\Users\Kevin K\AppData\Local\Temp\SP55101.exe
C:\Users\Kevin K\AppData\Local\Temp\SP55102.exe
C:\Users\Kevin K\AppData\Local\Temp\SP57090.exe
C:\Users\Kevin K\AppData\Local\Temp\sp58915.exe
C:\Users\Kevin K\AppData\Local\Temp\SP59542.exe
C:\Users\Kevin K\AppData\Local\Temp\SP59755.exe
C:\Users\Kevin K\AppData\Local\Temp\sp62291.exe
C:\Users\Kevin K\AppData\Local\Temp\Sqlite3.dll
C:\Users\Kevin K\AppData\Local\Temp\uninst1.exe
C:\Users\Kevin K\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Kevin K\AppData\Local\Temp\VipOtpProvsetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-05 21:12
==================== End Of Log ============================
--- --- --- Hier die Logfile Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2014
Ran by Kevin K at 2014-01-06 16:49:56
Running from C:\Users\Kevin K\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
AMD APP SDK Runtime (Version: 2.5.709.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Autodesk 360 (Version: 4.0.27.1 - Autodesk)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 - Deutsch (German) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 Language Pack - Deutsch (German) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Material Library 2014 (x32 Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (x32 Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (x32 Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) German Language Pack (Version: 18.0.86.0 - Autodesk) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.0930.2209.37895 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0930.2209.37895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0930.2209.37895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0930.2209.37895 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0930.2209.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.0930.2208.37895 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.0930.2209.37895 - Advanced Micro Devices, Inc.) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (Version: - Microsoft)
DigitalPersona Personal 4.11 (Version: 4.11.3826 - DigitalPersona, Inc.)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (Version: 4.4.1.0 - Granta Design Limited)
ESU for Microsoft Windows 7 SP1 (x32 Version: 5.1.1 - Hewlett-Packard)
FARO LS 1.1.501.0 (64bit) (x32 Version: 5.1.0.30630 - FARO Scanner Production)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Connection Manager (x32 Version: 4.1.23.1 - Hewlett-Packard Company)
HP On Screen Display (x32 Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (x32 Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.7.2 - Hewlett-Packard Company)
HP SimplePass (x32 Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (x32 Version: 1.0.6381.0 - IDT)
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.2.22.0 (x32 Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.1.1.0581 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 10.6.0.1002 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (Version: 15.01.0500.0903 - Intel Corporation)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
KMSpico 3.1 (Version: 3.1 - )
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (x32 Version: 7.41.216.2011 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Synaptics TouchPad Driver (Version: 15.3.11.0 - Synaptics Incorporated)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2850060) 64-Bit Edition (Version: - Microsoft)
Validity WBF DDK (Version: 4.3.205.0 - Validity Sensors, Inc.)
VIP Access SDK (1.1.0.4) (x32 Version: 1.1.0.4 - Symantec Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (x32 Version: 9.0.30729.177 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
WPM17.8.0.3159 (x32 Version: 17.8.0.3159 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
29-12-2013 13:10:54 Windows Update
29-12-2013 13:32:40 Uniblue SpeedUpMyPC installation
02-01-2014 13:43:13 Windows Update
04-01-2014 20:29:16 Removed Validity WBF DDK
04-01-2014 23:56:52 Konfiguriert IDT Audio
05-01-2014 00:09:14 Installiert Realtek PCIE Card Reader
05-01-2014 00:12:32 Installed Validity WBF DDK
05-01-2014 00:17:31 Installed HP Software Framework
05-01-2014 00:19:27 Installiert PowerDVD
05-01-2014 00:20:39 Installed HP Quick Launch
05-01-2014 00:22:18 Installed Intel(R) Identity Protection Technology 1.2.22.0.
06-01-2014 02:52:46 HPSF Applying updates
06-01-2014 02:57:35 Konfiguriert IDT Audio
06-01-2014 03:23:10 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {2E63A72C-3A63-4F09-A984-66B43050D7C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {301F6C9D-9F64-4980-8961-DB4BB57D1576} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {48A03671-9B38-4956-A791-15FBB6EEAE8B} - System32\Tasks\KMS Activation => C:\Program Files\KMSpico\RandomFile.exe [2013-02-20] ()
Task: {4E6AA15A-15DA-4CC1-9B4E-BC33D8F53EF1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {5FAFEC98-C80D-41EB-AD7B-25003B0ECD6C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {624AA79D-D42E-4E55-AF8D-4258C5B0C75D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {6F79C27E-4E57-4B60-9C89-A5ACA5E7AE9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {9E403378-7B15-4835-9227-29C030F106D1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {A66535F2-C157-473A-ACBE-B53C8578C17B} - \DSite No Task File
Task: {AD8E4BBC-6A17-488A-9AE8-82793758BF67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {B0876F3D-7459-44B8-90F7-045973A9A85C} - \DealPly No Task File
Task: {E9527935-7ECF-4667-AE08-4048A126A7F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {ED5D8E68-740B-4165-BAA4-641E2C34261B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {FB0C2D18-1E98-4F7D-83CE-6A956EA2A756} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-08-09 06:44 - 2011-08-09 06:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00056352 _____ () C:\Program Files\Autodesk\Autodesk Sync\qoauth_Ad_1.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00937504 _____ () C:\Program Files\Autodesk\Autodesk Sync\qca_Ad_2.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00124448 _____ () C:\Program Files\Autodesk\Autodesk Sync\QJson.dll
2013-02-04 23:21 - 2013-02-04 23:21 - 00045088 _____ () C:\Program Files\Autodesk\Autodesk Sync\QtSolutions_MFCMigrationFramework_Ad_2.dll
2011-09-30 21:07 - 2011-09-30 21:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-09-02 09:49 - 2011-09-02 09:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2013-08-21 13:18 - 2013-11-06 22:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-09-06 11:55 - 2013-12-11 20:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-08-07 10:31 - 2013-11-06 22:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-01-05 01:08 - 2014-01-05 01:08 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1beb84c27c2edeb38839916524b9df4d\IsdiInterop.ni.dll
2013-09-21 21:12 - 2011-05-20 10:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-04 21:36 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2014-01-04 21:36 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2014-01-04 21:36 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2014-01-04 21:36 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2014-01-04 21:36 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/06/2014 04:14:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0x1bb4
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 04:14:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0xa08
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:35 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0xc1c
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:35 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0xfbc
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:34 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0x5c0
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:34 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0x1918
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:34 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0x10b8
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:33 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0x1b38
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0xdbc
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
Error: (01/06/2014 03:41:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AUDIODG.EXE, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7abf9
Name des fehlerhaften Moduls: sluapo64.dll, Version: 1.4.2.1, Zeitstempel: 0x4db1f4d8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000011c07
ID des fehlerhaften Prozesses: 0x105c
Startzeit der fehlerhaften Anwendung: 0xAUDIODG.EXE0
Pfad der fehlerhaften Anwendung: AUDIODG.EXE1
Pfad des fehlerhaften Moduls: AUDIODG.EXE2
Berichtskennung: AUDIODG.EXE3
System errors:
=============
Microsoft Office Sessions:
=========================
Error: (01/06/2014 04:14:02 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c071bb401cf0a8d596ffbaeC:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll97403b33-7680-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 04:14:02 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c07a0801cf0a8d5822bb08C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll9704b8cc-7680-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:35 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c07c1c01cf0a88d0ca4d37C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0e8a7009-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:35 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c07fbc01cf0a88d0ab7a23C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0e6bc406-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:34 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c075c001cf0a88d08a5d17C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0e4cc9e2-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:34 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c07191801cf0a88d046c369C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0e29ff1f-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:34 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c0710b801cf0a88d0199840C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0de5c930-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:33 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c071b3801cf0a88cf6fc134C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0db6f050-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:32 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c07dbc01cf0a88cf4e5606C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0d10e9e2-767c-11e3-a255-4ceb421e3ee3
Error: (01/06/2014 03:41:32 AM) (Source: Application Error)(User: )
Description: AUDIODG.EXE6.1.7601.175144ce7abf9sluapo64.dll1.4.2.14db1f4d8c00000050000000000011c07105c01cf0a88ceb39a62C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll0ce98b2e-767c-11e3-a255-4ceb421e3ee3
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 8139.86 MB
Available physical RAM: 5766.1 MB
Total Pagefile: 16277.9 MB
Available Pagefile: 13085.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.85 GB) (Free:71.38 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:465.66 GB) NTFS
Drive e: (Office14) (CDROM) (Total:1.23 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 1A96511D)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7B7A023C)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Geändert von Bomex (06.01.2014 um 17:06 Uhr) |
|
06.01.2014, 21:35
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung KasperskyZitat:
Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.01.2014, 23:16
| #5 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky okey tut mir leid das ichs nicht vorher gelöscht habe aber habe die ausgewählte datei vom Notebook deinstalliert und die exe datei gelöscht. soll ich noch einmal eine FRST Logdatei anhängen? |
|
06.01.2014, 23:19
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Dir ist schon klar, dass du das illegal freigeschaltete Office und alles andere illegale (falls vorhanden) auch entfernen musst?
__________________ --> Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky |
|
07.01.2014, 00:20
| #7 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Entschuldigung war mir nicht klar das ich das office auch entfernen muss da ich dies ja eig als testversion offiziell von der microsoft seite heruntergeladen habe und man sich da ja anmelden muss. Aber wenn das so gewünscht wird werde ich dies nachholen andere illegale sachen habe ich nicht. soll ich dann noch einmal eine Logfile senden als bestätigung wenn ja mit welchem Programm? Geändert von Bomex (07.01.2014 um 00:25 Uhr) |
|
07.01.2014, 09:47
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Ok, ich hatte den Eindruck das hättest du auch aus ner illegalen Quelle. Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.01.2014, 13:33
| #9 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Hat gemeldet das keine Malware vorhanden ist aber Kaspersky zeigt es noch an hab allerdings keine neue durchsuchung damit gemacht hab jetzt mbar 2 mal scannen lassen. Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.16476
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8535261184, free: 6175662080
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.16476
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8535261184, free: 6169034752
Downloaded database version: v2014.01.07.03
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
01/07/2014 13:12:07
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\system32\DRIVERS\igdpmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\Netwsw00.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\nusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\AMPPAL.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\nusb3hub.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\iBtFltCoex.sys
\SystemRoot\system32\DRIVERS\btmhsf.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btmaux.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WinUSB.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msctf.dll
\Windows\System32\nsi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\setupapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\ws2_32.dll
\Windows\System32\lpk.dll
\Windows\System32\wininet.dll
\Windows\System32\advapi32.dll
\Windows\System32\psapi.dll
\Windows\System32\usp10.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\shlwapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\difxapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\Wldap32.dll
\Windows\System32\normaliz.dll
\Windows\System32\msvcrt.dll
\Windows\System32\sechost.dll
\Windows\System32\ole32.dll
\Windows\System32\shell32.dll
\Windows\System32\user32.dll
\Windows\System32\gdi32.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\imagehlp.dll
\Windows\System32\kernel32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80078c5060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xfffffa80075a0050
Lower Device Driver Name: \Driver\iaStor\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80078a7790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800759e050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80078a7790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80078a72c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80078a7790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80077a68d0, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa800759e050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1A96511D
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 409600 Numsec = 312168448
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 160041885696 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-409599-312561808-312581808)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa80078c5060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80078c5b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80078c5060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80077a7b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa80075a0050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7B7A023C
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 976769024
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
Infected file C:\Users\Kevin K\AppData\Local\Temp\is1275519350\351891_stp\wajam_validate.exe could not be remediated because backup file is not available
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_409600_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe_k.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe_u.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe_r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.16476
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8535261184, free: 6785359872
Initializing...
=======================================
------------ Kernel report ------------
01/07/2014 13:24:40
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\system32\DRIVERS\igdpmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\Netwsw00.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\nusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\AMPPAL.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\nusb3hub.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\iBtFltCoex.sys
\SystemRoot\system32\DRIVERS\btmhsf.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btmaux.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WinUSB.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\ole32.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\shell32.dll
\Windows\System32\msctf.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\gdi32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\normaliz.dll
\Windows\System32\user32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\difxapi.dll
\Windows\System32\imm32.dll
\Windows\System32\nsi.dll
\Windows\System32\psapi.dll
\Windows\System32\setupapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\lpk.dll
\Windows\System32\Wldap32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\advapi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\sechost.dll
\Windows\System32\wininet.dll
\Windows\System32\msvcrt.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800788f790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xfffffa8007597050
Lower Device Driver Name: \Driver\iaStor\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007889790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8007594050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007889790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80077908b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007889790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800778f870, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa8007594050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1A96511D
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 409600 Numsec = 312168448
Partition file system is NTFS
Partition is bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 160041885696 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-409599-312561808-312581808)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800788f790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800788f2c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800788f790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007793b10, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa8007597050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7B7A023C
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 976769024
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 500107862016 bytes
Sector size: 512 bytes
Done!
Infected file C:\Users\Kevin K\AppData\Local\Temp\is1275519350\351891_stp\wajam_validate.exe could not be remediated because backup file is not available
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_409600_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe_k.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe_u.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\wajam_validate.exe_r.mbam...
Removal finished
|
|
07.01.2014, 13:51
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Falsches Log, bitte die Anleitung richtig lesen und umsetzen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.01.2014, 23:10
| #11 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky okey stimmt sorry war in eile musst zur arbeit da hab ich des falsche genommen. Durchlauf 1: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.07.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Kevin K :: KEVINK-PC [administrator]
07.01.2014 13:12:11
mbar-log-2014-01-07 (13-12-11).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 247800
Time elapsed: 7 minute(s), 28 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.07.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Kevin K :: KEVINK-PC [administrator]
07.01.2014 13:24:44
mbar-log-2014-01-07 (13-24-44).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 247510
Time elapsed: 7 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
08.01.2014, 13:38
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Ok, dann nochmal Adware entfernen. Alle Tools VORHER neu runterladen! Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Shorcut Cleaner Downloade dir bitte
4. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2014, 15:54
| #13 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Hab noch kurz eine Frage ich soll ja die Tools nochmal installieren richtig? Und dann die Adware/Maleware entfernen mit den aufgeführten Programmen? Nur ich weis nicht mehr genau welche Tools ich damals mit heruntergeladen hab . |
|
08.01.2014, 15:55
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Du kannst lesen oder? Du sollst die Tools adwcleaner, JRT und FRST jew. neu runterladen. Installieren muss man da nichts, die Programme sind direkt ausführbar und brauchen keine install
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.01.2014, 16:09
| #15 |
| | Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky Okey ich hab's falsch verstanden Entschuldigung dafür. Ja lesen kann ich. Hatte Denk Fehler weil dachte sind die Tools von der Toolbar im Browser gemeint. Aber jetzt ist alles klar |
|
| Themen zu Nationzoom und ständig öffnende Fenster im Browser+Maleware meldung Kaspersky |
| adobe, appdatalow, askbar, browser, dateien, desktop, explorer, frage, gelöscht, google, home, iexplore.exe, internet, internet explorer, junkware, kaspersky, launch, löschen, maleware, microsoft, nextlive, ordner, preferences, problem, programme, registrierungsdatenbank, registry, scan, security, software, suche, windows |
Hybrid-Darstellung
