Pests of all kinds and how to fight them: My internet runs absolutely smoothly, but all streams, videos, etc. practically don't work at all. Windows 7 |
18.02.2014, 18:43 | #1 |
| As described above, my internet works flawlessly. But after I went to driving school at midday today and left the computer running in the meantime, all videos and streams had given up the ghost when I got back. That is, they still load, but only about a tenth as fast. I don't know whether it is a virus or something similar. I hope help is on the way °O° |
19.02.2014, 06:55 | #2 |
/// the machine /// TB-Ausbilder | hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|
20.02.2014, 19:01 | #3 |
| So,
Here, first of all, is the FRST.txt log: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014 Ran by Timo (administrator) on TIMO-PC on 20-02-2014 18:57:18 Running from C:\Users\Timo\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Windows\DAODx.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Logitech Inc.) 
C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\PACTray.exe () C:\Program Files\Plantronics\GameCom780\GameCom780.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Valve Corporation) H:\steam2\Steam.exe () C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files\EslWire\service\WireHelperSvc.exe () C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Logitech(c)) C:\Program Files (x86)\Logitech\G35\G35.exe (BlueStack Systems, Inc.) 
C:\Program Files (x86)\BlueStacks\HD-Agent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Microsoft Corporation) c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamSpeak Systems GmbH) C:\Users\Timo\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) H:\steam2\Steam.exe (Valve Corporation) H:\steam2\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () H:\steam2\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corporation) H:\steam2\GameOverlayUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [120328 2008-04-04] (Logitech Inc.) HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation) HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1860496 2011-04-13] (Microsoft Corporation) HKLM\...\Run: [GUCI_AVS] - C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [323584 2007-12-10] (PixArt Imaging Incorporation) HKLM\...\Run: [PACTray] - C:\Windows\PixArt\PAP7501\PACTray.exe [319488 2009-06-09] (PixArt Imaging Incorporation) HKLM\...\Run: [GamecomSound] - C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] () HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation) HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA) HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG) HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] () 
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600 2010-11-15] (PC Tools) HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c)) HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.) HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [KPeerNexonEU] - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [438272 2011-02-07] (NEXON Inc.) HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [Akamai NetSession Interface] - "C:\Users\Timo\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [Steam] - H:\steam2\steam.exe [1822400 2014-02-20] (Valve Corporation) HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [ESL Wire] - C:\Program Files\EslWire\wire.exe [4253696 2013-12-09] (Turtle Entertainment GmbH) HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) 
HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\system: [DisableClock] 0 HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\Explorer: [NoNetworkConnections] 0 HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-3772474302-332197646-2498302637-1000\...\Policies\Explorer: [NoCommonGroups] 0 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nation Search HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Nation Search StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - URL hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms} SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms} SearchScopes: HKLM-x32 - TopResultURL hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=367792749&q={searchTerms} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 
Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Java Runtime - {279384DD-3D1B-4086-8679-AA5EC7268BE1} - C:\Users\Timo\AppData\Roaming\JavaRun\IE\JavaRun.dll (Oracle Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 
2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) DPF: HKLM-x32 {3860DD98-0549-4D50-AA72-5D17D200EE10} hxxp://cdn.scan.onecare.live.com/resource/download/scanner/de-de/wlscctrl2.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Chrome: ======= CHR DefaultSearchKeyword: bing.com CHR DefaultSearchProvider: Bing CHR DefaultSearchURL: hxxp://www.bing.com/search?setmkt=de-DE&q={searchTerms} CHR DefaultNewTabURL: CHR Plugin: (Shockwave Flash) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Extension: (Google Docs) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-25] CHR Extension: (Google Drive) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-25] CHR Extension: (YouTube) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-25] CHR Extension: (YouTube Center) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdcifocibecgcgigbanojipblimlaoij [2013-10-30] CHR Extension: (Google-Suche) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-25] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-05-25] CHR Extension: (AdBlock) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-05-25] CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2013-05-25] CHR Extension: (Modul für das 
Blockieren gefährlicher Webseiten) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2013-05-25] CHR Extension: (Virtuelle Tastatur) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-05-25] CHR Extension: (Skype Click to Call) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-05-25] CHR Extension: (Google Wallet) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-05-25] CHR Extension: (Google Mail) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-25] CHR Extension: (Anti-Banner) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2013-05-25] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-25] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx 
[2012-03-02] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-25] ==================== Services (Whitelisted) ================= R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] () R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-01-20] (BlueStack Systems, Inc.) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [2231616 2010-07-19] () R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2013-06-11] () S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3549224 2010-06-07] (INCA Internet Co., Ltd.) 
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation) R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2010-10-01] (PC Tools) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-12-15] () R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems) R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>) S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [597504 2009-11-06] (PixArt Imaging Incorporation) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-10] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-18] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-04-23] (Kaspersky Lab ZAO) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2010-06-10] (CACE Technologies) S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-02] (INCA Internet Co., Ltd.) 
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation) S3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1327104 2011-11-05] (C-Media Electronics Inc) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X] S3 dump_wmimmc; \??\C:\Program Files\gPotato.eu\FlyFF\GameGuard\dump_wmimmc.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-23] (Kaspersky Lab ZAO) S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X] S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X] S3 X6va003; \??\C:\Users\Timo\AppData\Local\Temp\00358B1.tmp [X] S3 X6va005; \??\C:\Users\Timo\AppData\Local\Temp\005CDEE.tmp [X] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-20 18:56 - 2014-02-20 18:56 - 00041847 _____ () C:\Users\Timo\Downloads\Addition.txt 2014-02-20 18:54 - 2014-02-20 18:57 - 00023466 _____ () C:\Users\Timo\Downloads\FRST.txt 2014-02-20 18:54 - 2014-02-20 18:57 - 00000000 ____D () C:\FRST 2014-02-20 18:52 - 2014-02-20 18:53 - 02153472 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe 2014-02-20 18:52 - 2014-02-20 18:52 - 00000000 ____D () C:\Users\Timo\Desktop\security 2014-02-17 17:52 - 2014-02-17 17:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\NVIDIA 2014-02-17 17:30 - 2014-02-17 17:30 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\StunlockStudios 2014-02-16 00:06 - 2014-02-16 00:06 - 00000000 ____D () C:\Users\Timo\Desktop\android 2014-02-15 23:50 - 2013-10-18 02:36 - 01063200 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2014-02-15 23:50 - 2013-10-18 02:36 - 00955168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2014-02-15 23:49 - 2014-02-15 23:49 - 00000000 ____D () C:\Program Files 
(x86)\AGEIA Technologies 2014-02-15 23:47 - 2014-02-15 23:47 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten 2014-02-15 23:47 - 2013-03-11 15:26 - 00000000 ____D () C:\Users\UpdatusUser\Documents\Visual Studio 2010 2014-02-15 23:47 - 2011-12-26 16:51 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Macromedia 2014-02-15 23:47 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-02-15 23:47 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-02-15 23:45 - 2013-10-23 09:20 - 03426956 _____ () C:\Windows\system32\nvcoproc.bin 2014-02-15 23:42 - 2013-10-23 11:30 - 30344480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-02-15 
23:42 - 2013-10-23 11:30 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 22933792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 18199872 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 15855568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 12572960 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-02-15 23:42 - 2013-10-23 11:30 - 11426568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 11374520 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 09524088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 09480328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433165.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433165.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 01241376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00696096 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00655136 _____ (NVIDIA 
Corporation) C:\Windows\system32\NvIFR64.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-02-15 23:42 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-02-15 23:42 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-02-15 23:42 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-02-15 23:42 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-02-15 23:42 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-02-15 23:42 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll 2014-02-15 23:30 - 2014-02-15 23:36 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe 2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-02-15 23:14 - 2014-02-15 23:19 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-02-15 23:14 - 2014-02-15 23:16 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) 
C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe 2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url 2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot 2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games 2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url 2014-01-22 18:19 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-22 18:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-22 18:18 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-22 18:18 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe ==================== One Month Modified Files and Folders ======= 2014-02-20 18:57 - 2014-02-20 18:54 - 00023466 _____ () C:\Users\Timo\Downloads\FRST.txt 2014-02-20 18:57 - 2014-02-20 18:54 - 00000000 ____D () C:\FRST 2014-02-20 18:57 - 2013-02-20 16:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-20 18:56 - 2014-02-20 18:56 - 00041847 _____ () C:\Users\Timo\Downloads\Addition.txt 2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-20 18:53 - 2014-02-20 18:52 - 02153472 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe 2014-02-20 18:52 - 2014-02-20 18:52 - 00000000 ____D () C:\Users\Timo\Desktop\security 2014-02-20 18:51 - 2011-02-07 14:36 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Skype 
2014-02-20 18:13 - 2011-02-07 14:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 17:55 - 2011-02-04 18:19 - 02052298 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 17:23 - 2011-03-05 17:13 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-20 17:10 - 2011-04-17 22:20 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\TS3Client
2014-02-20 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-02-20 17:05 - 2012-05-27 15:10 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESL Wire Game Client
2014-02-20 17:04 - 2011-12-26 18:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-02-20 17:04 - 2011-02-07 14:37 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 17:04 - 2009-07-14 05:51 - 01548624 _____ () C:\Windows\setupact.log
2014-02-20 17:03 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-20 17:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 17:44 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Local\Battle.net
2014-02-17 17:52 - 2014-02-17 17:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\NVIDIA
2014-02-17 17:30 - 2014-02-17 17:30 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\StunlockStudios
2014-02-16 14:38 - 2013-11-17 01:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-16 12:56 - 2011-02-19 20:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\PMB Files
2014-02-16 11:58 - 2011-02-19 20:52 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-16 00:06 - 2014-02-16 00:06 - 00000000 ____D () C:\Users\Timo\Desktop\android
2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-15 23:50 - 2011-02-05 13:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-15 23:49 - 2014-02-15 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-02-15 23:47 - 2014-02-15 23:47 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2014-02-15 23:36 - 2014-02-15 23:30 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-02-15 23:19 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-02-15 23:16 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-02-15 23:16 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe
2014-02-12 21:08 - 2011-02-07 14:37 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 21:08 - 2011-02-07 14:37 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url
2014-02-04 21:57 - 2013-02-20 16:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-04 21:57 - 2013-02-20 16:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-04 21:57 - 2013-02-20 16:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-03 14:52 - 2011-07-10 21:13 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-03 14:52 - 2011-03-06 00:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-28 15:37 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Battle.net
2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot
2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games
2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url
2014-01-22 18:21 - 2013-11-04 17:35 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-22 18:18 - 2011-02-05 22:25 - 00000000 ____D () C:\Program Files (x86)\Java

Files to move or delete:
====================
C:\Users\Timo\{1A8140AD-3D01-7C98-D764-55146F5D4AE5}-HBLiteSA.exe

Some content of TEMP:
====================
C:\Users\Timo\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.15.4.7479-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Timo\AppData\Local\Temp\HitmanPro.exe
C:\Users\Timo\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Timo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Timo\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-02-18 17:16

==================== End Of Log ============================
Corporation) C:\Windows\system32\NvIFR64.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00560416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-02-15 23:42 - 2013-10-23 11:30 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-02-15 23:42 - 2013-09-28 00:01 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-02-15 23:42 - 2013-09-28 00:01 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll 2014-02-15 23:42 - 2013-09-28 00:01 - 00028960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-02-15 23:42 - 2013-06-16 13:38 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2014-02-15 23:42 - 2013-06-16 13:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2014-02-15 23:42 - 2013-01-29 09:35 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll 2014-02-15 23:30 - 2014-02-15 23:36 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe 2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-02-15 23:14 - 2014-02-15 23:19 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-02-15 23:14 - 2014-02-15 23:16 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) 
C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe 2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url 2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot 2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games 2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url 2014-01-22 18:19 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-22 18:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-22 18:18 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-22 18:18 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe ==================== One Month Modified Files and Folders ======= 2014-02-20 18:57 - 2014-02-20 18:54 - 00023466 _____ () C:\Users\Timo\Downloads\FRST.txt 2014-02-20 18:57 - 2014-02-20 18:54 - 00000000 ____D () C:\FRST 2014-02-20 18:57 - 2013-02-20 16:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-20 18:56 - 2014-02-20 18:56 - 00041847 _____ () C:\Users\Timo\Downloads\Addition.txt 2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-20 18:56 - 2009-07-14 05:45 - 00014800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-20 18:53 - 2014-02-20 18:52 - 02153472 _____ (Farbar) C:\Users\Timo\Downloads\FRST64.exe 2014-02-20 18:52 - 2014-02-20 18:52 - 00000000 ____D () C:\Users\Timo\Desktop\security 2014-02-20 18:51 - 2011-02-07 14:36 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Skype 
2014-02-20 18:13 - 2011-02-07 14:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-20 17:55 - 2011-02-04 18:19 - 02052298 _____ () C:\Windows\WindowsUpdate.log 2014-02-20 17:23 - 2011-03-05 17:13 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-02-20 17:10 - 2011-04-17 22:20 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\TS3Client 2014-02-20 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2014-02-20 17:05 - 2012-05-27 15:10 - 00000000 ____D () C:\Users\Timo\AppData\Local\ESL Wire Game Client 2014-02-20 17:04 - 2011-12-26 18:12 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-02-20 17:04 - 2011-02-07 14:37 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-20 17:04 - 2009-07-14 05:51 - 01548624 _____ () C:\Windows\setupact.log 2014-02-20 17:03 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-20 17:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-18 17:44 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Local\Battle.net 2014-02-17 17:52 - 2014-02-17 17:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\NVIDIA 2014-02-17 17:30 - 2014-02-17 17:30 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\StunlockStudios 2014-02-16 14:38 - 2013-11-17 01:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-02-16 12:56 - 2011-02-19 20:52 - 00000000 ____D () C:\Users\Timo\AppData\Local\PMB Files 2014-02-16 11:58 - 2011-02-19 20:52 - 00000000 ____D () C:\ProgramData\PMB Files 2014-02-16 00:06 - 2014-02-16 00:06 - 00000000 ____D () C:\Users\Timo\Desktop\android 2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-02-15 23:50 - 2011-02-05 13:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-02-15 23:50 - 2011-02-05 13:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-02-15 23:49 - 2014-02-15 23:49 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 
2014-02-15 23:47 - 2014-02-15 23:47 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Musik 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Documents\Eigene Bilder 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten 2014-02-15 23:47 - 2014-02-15 23:47 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten 2014-02-15 23:36 - 2014-02-15 23:30 - 210746952 _____ (NVIDIA Corporation) C:\Users\Timo\Downloads\331.65-desktop-win8-win7-winvista-64bit-english-whql.exe 2014-02-15 23:19 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-02-15 23:16 - 2014-02-15 23:14 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-02-15 23:16 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-02-15 23:15 - 2014-02-15 23:15 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-02-15 23:12 - 2014-02-15 23:12 - 10414824 _____ (BlueStack Systems Inc.) 
C:\Users\Timo\Downloads\BlueStacks-SplitInstaller_native.exe 2014-02-12 21:08 - 2011-02-07 14:37 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-12 21:08 - 2011-02-07 14:37 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-08 14:24 - 2014-02-08 14:24 - 00000203 _____ () C:\Users\Timo\Desktop\Dead Island Epidemic.url 2014-02-04 21:57 - 2013-02-20 16:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-04 21:57 - 2013-02-20 16:46 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-04 21:57 - 2013-02-20 16:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-03 14:52 - 2011-07-10 21:13 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-02-03 14:52 - 2011-03-06 00:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-01-28 15:37 - 2013-11-17 01:13 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\Battle.net 2014-01-24 19:21 - 2014-01-24 19:21 - 00000000 ____D () C:\Users\Timo\AppData\Roaming\HackSlashLoot 2014-01-24 15:17 - 2014-01-24 15:17 - 00000000 ____D () C:\Users\Timo\Documents\Gaslamp Games 2014-01-24 11:14 - 2014-01-24 11:14 - 00000203 _____ () C:\Users\Timo\Desktop\Paranautical Activity.url 2014-01-22 18:21 - 2013-11-04 17:35 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-22 18:18 - 2014-01-22 18:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-22 18:18 - 2011-02-05 22:25 - 00000000 ____D () C:\Program Files (x86)\Java Files to move or delete: ==================== C:\Users\Timo\{1A8140AD-3D01-7C98-D764-55146F5D4AE5}-HBLiteSA.exe Some content of TEMP: ==================== C:\Users\Timo\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.15.4.7479-x64.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe 
C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe C:\Users\Timo\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe C:\Users\Timo\AppData\Local\Temp\HitmanPro.exe C:\Users\Timo\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Timo\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Timo\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-18 17:16 ==================== End Of Log ============================ --- --- --- --- --- ---
Sorry that I sent that twice.
Here is the Addition.txt:
Error: (02/19/2014 07:27:12 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294 Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00024739 ID des fehlerhaften Prozesses: 0x8b0 Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0 Pfad der fehlerhaften Anwendung: DOSBox.exe1 Pfad des fehlerhaften Moduls: DOSBox.exe2 Berichtskennung: DOSBox.exe3 Error: (02/19/2014 07:24:36 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294 Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00024739 ID des fehlerhaften Prozesses: 0x1330 Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0 Pfad der fehlerhaften Anwendung: DOSBox.exe1 Pfad des fehlerhaften Moduls: DOSBox.exe2 Berichtskennung: DOSBox.exe3 Error: (02/19/2014 07:18:30 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294 Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00024739 ID des fehlerhaften Prozesses: 0x12e0 Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0 Pfad der fehlerhaften Anwendung: DOSBox.exe1 Pfad des fehlerhaften Moduls: DOSBox.exe2 Berichtskennung: DOSBox.exe3 Error: (02/19/2014 06:50:31 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: DOSBox.exe, Version: 0.74.0.0, Zeitstempel: 0x4d854294 Name des fehlerhaften Moduls: SDL.dll, Version: 1.2.14.0, Zeitstempel: 0x4d8524d9 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00024739 ID des fehlerhaften Prozesses: 0x16b8 Startzeit der fehlerhaften Anwendung: 0xDOSBox.exe0 Pfad der fehlerhaften Anwendung: DOSBox.exe1 Pfad des
fehlerhaften Moduls: DOSBox.exe2 Berichtskennung: DOSBox.exe3 Error: (02/19/2014 06:06:51 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (02/19/2014 06:06:22 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall System errors: ============= Error: (02/20/2014 06:21:29 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/20/2014 06:21:29 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (02/20/2014 05:04:55 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053 Error: (02/20/2014 05:04:31 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/20/2014 05:04:31 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht. Error: (02/19/2014 06:10:38 PM) (Source: volsnap) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (02/18/2014 04:12:08 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Kaspersky Anti-Virus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (02/18/2014 01:41:13 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053 Error: (02/18/2014 01:40:47 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/18/2014 01:40:47 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht. Microsoft Office Sessions: ========================= Error: (02/20/2014 06:21:32 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (02/20/2014 05:03:50 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\amd64_micros oft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL Error: (02/19/2014 08:16:32 PM) (Source: Application Error)(User: ) Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c000000500024739122001cf2da16fbebc9fH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll573a2d5f-999a-11e3-be0d-bcaec51fc960 Error: (02/19/2014 07:34:48 PM) (Source: Application Error)(User: ) Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c00000050002473931401cf2da0690a0cc2H:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll829dfcd7-9994-11e3-be0d-bcaec51fc960 Error: (02/19/2014 07:27:12 PM) (Source: Application Error)(User: ) Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c0000005000247398b001cf2d9fe8505a2dH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider 
(I)\SDL.dll72b29d61-9993-11e3-be0d-bcaec51fc960 Error: (02/19/2014 07:24:36 PM) (Source: Application Error)(User: ) Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c000000500024739133001cf2d9f91ca57b9H:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll15b60003-9993-11e3-be0d-bcaec51fc960 Error: (02/19/2014 07:18:30 PM) (Source: Application Error)(User: ) Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c00000050002473912e001cf2d9b1e5f76eeH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll3ba5e25d-9992-11e3-be0d-bcaec51fc960 Error: (02/19/2014 06:50:31 PM) (Source: Application Error)(User: ) Description: DOSBox.exe0.74.0.04d854294SDL.dll1.2.14.04d8524d9c00000050002473916b801cf2d9aa4c1a25eH:\steam2\steamapps\common\Tomb Raider (I)\DOSBox.exeH:\steam2\steamapps\common\Tomb Raider (I)\SDL.dll52a884d6-998e-11e3-be0d-bcaec51fc960 Error: (02/19/2014 06:06:51 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall Error: (02/19/2014 06:06:22 PM) (Source: Steam Client Service)(User: ) Description: Failed to poke open firewall CodeIntegrity Errors: =================================== Date: 2014-02-18 17:18:48.815 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-18 17:18:48.814 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-18 17:18:48.811 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-02-18 17:18:48.797 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-18 17:18:48.794 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-18 17:18:48.790 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-14 13:44:59.604 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-14 13:44:59.603 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-14 13:44:59.600 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-02-14 13:44:59.588 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 82% Total physical RAM: 4094.18 MB Available physical RAM: 706.8 MB Total Pagefile: 8186.55 MB Available Pagefile: 3112.9 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:195.21 GB) (Free:17.7 GB) NTFS Drive d: () (Fixed) (Total:390.62 GB) (Free:269.43 GB) NTFS Drive h: (Elements) (Fixed) (Total:931.51 GB) (Free:724.66 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3E51F3BB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=391 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00372B75) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
21.02.2014, 15:00 | #4 |
/// the machine /// TB-Ausbilder | My internet runs absolutely smoothly, but all streams, videos etc. practically don't work at all.
How it works: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Scan with Combofix
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |