Pests of all kinds and how to fight them: Computer unusable due to malware PUP.optional.defaulttab (Windows 7)
30.05.2014, 13:43 | #31 |
| I'm not sure, but I can run it again as admin and check whether there are no problems then.
Kind regards, JZ

So I started it again as admin, but the problem is the same. Regarding Java: unfortunately I couldn't update it, because Java doesn't open when I click on it in the Control Panel. I didn't know whether Java is relevant for this program, so I wanted to mention it again.
Kind regards, JZ |
31.05.2014, 10:40 | #32 |
/// the machine /// TB-Ausbilder | It's best to uninstall Java and then reinstall it.
Please post a fresh FRST log and report again which problems remain. Leave out the tool from Tewaking for now. |
01.06.2014, 11:33 | #33 |
| Hi, okay, first of all here is a fresh FRST log:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014
Ran by Jakob (administrator) on JAKOB-PC on 01-06-2014 12:27:17
Running from C:\Users\Jakob\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2245120 2009-07-15] (VIA)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [557056 2010-11-17] (BitLeader)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [190808 2011-03-01] (Logitech Inc.)
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216 2012-07-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2068435371-3128089409-3168065367-1003\...\Run: [TBPanel] => C:\Program Files (x86)\Vtune\TBPanel.exe [2158592 2010-07-30] ()
HKU\S-1-5-21-2068435371-3128089409-3168065367-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2068435371-3128089409-3168065367-1003\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-13] (Logitech Inc.)
HKU\S-1-5-21-2068435371-3128089409-3168065367-1003\...\Run: [Akamai NetSession Interface] => C:\Users\Jakob\AppData\Local\Akamai\netsession_win.exe [4441920 2012-10-09] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2068435371-3128089409-3168065367-1003\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-17] (Google Inc.)
Startup: C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {69B6939F-C70D-45C5-9BBD-E2E2CC3DD8E5} - No File
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\do8tjsde.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\do8tjsde.default\searchplugins\youtube-videosuche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ghostery - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\do8tjsde.default\Extensions\firefox@ghostery.com.xpi [2013-08-17]
FF Extension: Adblock Plus - C:\Users\Jakob\AppData\Roaming\Mozilla\Firefox\Profiles\do8tjsde.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-13]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-05-25]
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-20]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-20]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

Chrome:
=======
CHR HomePage: hxxp://searchab.com/?aff=7&uid=71c8178b-836f-11e2-8bc7-20cf303a6d8f
CHR Extension: (KeyDownload) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodkncoddaagiibpdlfepebiggiijkbe [2013-03-02]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Jakob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-04-22]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S2 mi-raysat_3dsmax2013_64; C:\Program Files\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe [86016 2011-09-15] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-04] ()
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-11-20] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-03-31] (DT Soft Ltd)
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-11-20] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-09-14] (Duplex Secure Ltd.)
S2 TBPanel; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 MpKsl98e9b9dd; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E1AC6F3B-6C43-4DF0-B8A8-AD594BC37998}\MpKsl98e9b9dd.sys [X]
S1 MpKsle98afae4; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E1AC6F3B-6C43-4DF0-B8A8-AD594BC37998}\MpKsle98afae4.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-01 12:27 - 2014-06-01 12:27 - 00000000 ____D () C:\Users\Jakob\Desktop\FRST-OlderVersion
2014-05-31 16:38 - 2014-05-31 16:38 - 00000000 ____D () C:\Users\Jakob\Desktop\Java
2014-05-31 16:36 - 2014-05-31 16:36 - 00000000 _____ () C:\Users\Jakob\uninst-java-JAKOB-PC.cmd
2014-05-31 16:36 - 2014-05-31 16:36 - 00000000 _____ () C:\Users\Jakob\java-JAKOB-PC.txt
2014-05-29 12:45 - 2014-05-30 20:44 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-05-29 12:32 - 2014-05-29 12:32 - 00000207 _____ ()
C:\Windows\tweaking.com-regbackup-JAKOB-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat 2014-05-29 12:13 - 2014-05-29 12:13 - 00000000 ____D () C:\RegBackup 2014-05-29 10:31 - 2014-05-29 10:34 - 00000000 ____D () C:\Users\Jakob\Desktop\Tweaking.com - Windows Repair 2014-05-29 10:31 - 2014-05-29 10:29 - 03434761 _____ () C:\Users\Jakob\Desktop\tweaking.com_windows_repair_aio.zip 2014-05-29 10:30 - 2014-05-29 10:30 - 03434761 _____ () C:\Users\Jakob\Downloads\tweaking.com_windows_repair_aio(1).zip 2014-05-29 10:30 - 2014-05-29 10:30 - 00000000 ____D () C:\Users\Jakob\Downloads\Tweaking.com - Windows Repair 2014-05-29 10:29 - 2014-05-29 10:29 - 03434761 _____ () C:\Users\Jakob\Downloads\tweaking.com_windows_repair_aio.zip 2014-05-27 16:56 - 2014-05-27 16:56 - 00854367 _____ () C:\Users\Jakob\Desktop\SecurityCheck.exe 2014-05-27 06:44 - 2014-05-27 06:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-27 06:42 - 2014-05-27 06:43 - 02347384 _____ (ESET) C:\Users\Jakob\Desktop\esetsmartinstaller_deu.exe 2014-05-25 22:37 - 2014-05-25 22:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-25 22:25 - 2014-05-25 22:25 - 00054959 _____ () C:\Users\Jakob\Desktop\Addition.txt 2014-05-25 22:24 - 2014-06-01 12:27 - 00001123 _____ () C:\Users\Jakob\Desktop\FRST.txt 2014-05-25 22:23 - 2014-06-01 12:27 - 02067456 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe 2014-05-25 22:19 - 2014-05-25 22:19 - 00072927 _____ () C:\Users\Jakob\Desktop\JRT.txt 2014-05-25 22:16 - 2014-05-25 22:16 - 00000000 ____D () C:\Windows\ERUNT 2014-05-25 22:15 - 2014-05-25 22:15 - 01016261 _____ (Thisisu) C:\Users\Jakob\Desktop\JRT.exe 2014-05-25 21:50 - 2014-05-25 21:50 - 00042353 _____ () C:\Users\Jakob\Desktop\AdwCleaner[S0].txt 2014-05-25 21:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-25 21:45 - 2014-05-25 21:47 - 00000000 ____D () C:\AdwCleaner 2014-05-25 21:42 - 2014-05-25 21:42 - 01326389 _____ () 
C:\Users\Jakob\Desktop\adwcleaner_3.210.exe 2014-05-25 20:54 - 2014-05-30 19:32 - 00001218 _____ () C:\Windows\PFRO.log 2014-05-22 08:15 - 2014-05-22 08:15 - 00023585 _____ () C:\ComboFix.txt 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-05-22 07:53 - 2014-05-22 07:53 - 05200426 ____R (Swearware) C:\Users\Jakob\Desktop\ComboFix.exe 2014-05-22 07:53 - 2014-05-22 07:53 - 05200426 _____ (Swearware) C:\Users\Jakob\Downloads\ComboFix(1).exe 2014-05-19 10:10 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-19 10:10 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-19 10:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-19 10:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-19 10:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-19 10:10 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-19 10:10 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-19 10:10 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-19 09:56 - 2014-05-19 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-19 09:56 - 2014-05-19 09:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-18 08:24 - 2014-05-22 08:15 - 00000000 ____D () C:\Qoobox 2014-05-18 08:24 - 2014-05-22 08:14 - 00000000 ____D () C:\Windows\erdnt 2014-05-18 08:20 - 2014-05-18 08:21 - 05200990 _____ (Swearware) C:\Users\Jakob\Downloads\ComboFix.exe 2014-05-18 08:18 - 2014-05-18 08:18 - 06103040 _____ () C:\Program Files (x86)\GUT67B8.tmp 2014-05-18 08:18 - 2014-05-18 08:18 - 
00000000 ____D () C:\Program Files (x86)\GUM67B7.tmp 2014-05-12 08:21 - 2014-06-01 12:27 - 00000000 ____D () C:\FRST 2014-05-08 17:30 - 2014-05-08 17:30 - 00000000 ____D () C:\found.001 ==================== One Month Modified Files and Folders ======= 2014-06-01 12:28 - 2010-11-17 16:56 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Temp 2014-06-01 12:27 - 2014-06-01 12:27 - 00000000 ____D () C:\Users\Jakob\Desktop\FRST-OlderVersion 2014-06-01 12:27 - 2014-05-25 22:24 - 00001123 _____ () C:\Users\Jakob\Desktop\FRST.txt 2014-06-01 12:27 - 2014-05-25 22:23 - 02067456 _____ (Farbar) C:\Users\Jakob\Desktop\FRST64.exe 2014-06-01 12:27 - 2014-05-12 08:21 - 00000000 ____D () C:\FRST 2014-06-01 12:21 - 2010-08-16 17:49 - 00776256 _____ () C:\Windows\system32\perfh00A.dat 2014-06-01 12:21 - 2010-08-16 17:49 - 00190318 _____ () C:\Windows\system32\perfc00A.dat 2014-06-01 12:21 - 2009-07-14 19:58 - 00802038 _____ () C:\Windows\system32\perfh007.dat 2014-06-01 12:21 - 2009-07-14 19:58 - 00183852 _____ () C:\Windows\system32\perfc007.dat 2014-06-01 12:21 - 2009-07-14 07:13 - 00006732 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-01 12:17 - 2010-11-17 13:22 - 01181615 _____ () C:\Windows\WindowsUpdate.log 2014-06-01 12:13 - 2009-07-14 06:45 - 00020688 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-01 12:13 - 2009-07-14 06:45 - 00020688 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-01 12:07 - 2014-04-29 07:51 - 00001848 _____ () C:\Windows\setupact.log 2014-06-01 12:07 - 2010-11-12 14:16 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-01 12:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-31 16:38 - 2014-05-31 16:38 - 00000000 ____D () C:\Users\Jakob\Desktop\Java 2014-05-31 16:36 - 2014-05-31 16:36 - 00000000 _____ () C:\Users\Jakob\uninst-java-JAKOB-PC.cmd 2014-05-31 16:36 - 2014-05-31 16:36 - 00000000 
_____ () C:\Users\Jakob\java-JAKOB-PC.txt 2014-05-31 16:36 - 2010-11-17 16:55 - 00000000 ____D () C:\Users\Jakob 2014-05-31 16:32 - 2013-09-04 05:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-31 16:25 - 2010-05-10 08:42 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-05-31 16:22 - 2012-12-22 21:42 - 00000000 ____D () C:\Users\Jakob\AppData\Local\LogMeIn Hamachi 2014-05-31 16:19 - 2012-11-15 18:09 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Akamai 2014-05-30 23:06 - 2010-11-17 19:08 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-30 20:44 - 2014-05-29 12:45 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-05-30 20:04 - 2014-04-29 07:52 - 00126256 _____ () C:\Users\Jakob\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-30 19:34 - 2014-04-29 07:51 - 00456416 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-30 19:32 - 2014-05-25 20:54 - 00001218 _____ () C:\Windows\PFRO.log 2014-05-30 19:25 - 2009-07-14 04:34 - 00000423 _____ () C:\Windows\win.ini 2014-05-29 12:32 - 2014-05-29 12:32 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JAKOB-PC-Microsoft-Windows-7-Ultimate-(64-bit).dat 2014-05-29 12:13 - 2014-05-29 12:13 - 00000000 ____D () C:\RegBackup 2014-05-29 10:34 - 2014-05-29 10:31 - 00000000 ____D () C:\Users\Jakob\Desktop\Tweaking.com - Windows Repair 2014-05-29 10:30 - 2014-05-29 10:30 - 03434761 _____ () C:\Users\Jakob\Downloads\tweaking.com_windows_repair_aio(1).zip 2014-05-29 10:30 - 2014-05-29 10:30 - 00000000 ____D () C:\Users\Jakob\Downloads\Tweaking.com - Windows Repair 2014-05-29 10:29 - 2014-05-29 10:31 - 03434761 _____ () C:\Users\Jakob\Desktop\tweaking.com_windows_repair_aio.zip 2014-05-29 10:29 - 2014-05-29 10:29 - 03434761 _____ () C:\Users\Jakob\Downloads\tweaking.com_windows_repair_aio.zip 2014-05-27 17:04 - 2012-11-16 23:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-27 16:56 - 2014-05-27 16:56 - 00854367 _____ () 
C:\Users\Jakob\Desktop\SecurityCheck.exe 2014-05-27 06:44 - 2014-05-27 06:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-27 06:43 - 2014-05-27 06:42 - 02347384 _____ (ESET) C:\Users\Jakob\Desktop\esetsmartinstaller_deu.exe 2014-05-25 22:38 - 2014-05-25 22:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-25 22:25 - 2014-05-25 22:25 - 00054959 _____ () C:\Users\Jakob\Desktop\Addition.txt 2014-05-25 22:19 - 2014-05-25 22:19 - 00072927 _____ () C:\Users\Jakob\Desktop\JRT.txt 2014-05-25 22:16 - 2014-05-25 22:16 - 00000000 ____D () C:\Windows\ERUNT 2014-05-25 22:15 - 2014-05-25 22:15 - 01016261 _____ (Thisisu) C:\Users\Jakob\Desktop\JRT.exe 2014-05-25 21:50 - 2014-05-25 21:50 - 00042353 _____ () C:\Users\Jakob\Desktop\AdwCleaner[S0].txt 2014-05-25 21:48 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-25 21:47 - 2014-05-25 21:45 - 00000000 ____D () C:\AdwCleaner 2014-05-25 21:42 - 2014-05-25 21:42 - 01326389 _____ () C:\Users\Jakob\Desktop\adwcleaner_3.210.exe 2014-05-25 20:58 - 2011-10-04 22:09 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-05-22 08:16 - 2012-10-10 13:45 - 00000000 ____D () C:\Users\Jakob\AppData\Local\Apps\2.0 2014-05-22 08:15 - 2014-05-22 08:15 - 00023585 _____ () C:\ComboFix.txt 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-05-22 08:15 - 2014-05-22 08:15 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-05-22 08:15 - 2014-05-18 08:24 - 00000000 ____D () C:\Qoobox 2014-05-22 08:14 - 2014-05-18 08:24 - 00000000 ____D () C:\Windows\erdnt 2014-05-22 08:13 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-05-22 08:13 - 2009-07-14 04:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts_bak_127 2014-05-22 07:53 - 
2014-05-22 07:53 - 05200426 ____R (Swearware) C:\Users\Jakob\Desktop\ComboFix.exe 2014-05-22 07:53 - 2014-05-22 07:53 - 05200426 _____ (Swearware) C:\Users\Jakob\Downloads\ComboFix(1).exe 2014-05-22 07:44 - 2010-11-17 16:57 - 00000000 ___RD () C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-19 10:36 - 2013-02-20 10:15 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-19 10:36 - 2011-07-28 12:36 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-19 09:56 - 2014-05-19 09:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-19 09:56 - 2014-05-19 09:56 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-19 09:55 - 2010-11-17 19:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-18 08:21 - 2014-05-18 08:20 - 05200990 _____ (Swearware) C:\Users\Jakob\Downloads\ComboFix.exe 2014-05-18 08:18 - 2014-05-18 08:18 - 06103040 _____ () C:\Program Files (x86)\GUT67B8.tmp 2014-05-18 08:18 - 2014-05-18 08:18 - 00000000 ____D () C:\Program Files (x86)\GUM67B7.tmp 2014-05-08 17:30 - 2014-05-08 17:30 - 00000000 ____D () C:\found.001 2014-05-07 10:15 - 2014-04-30 21:43 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0 2014-05-05 19:56 - 2012-05-02 03:02 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-05-05 19:56 - 2011-10-31 23:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-05-05 19:56 - 2011-10-31 23:27 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-05-02 02:55 - 2010-11-26 21:59 - 00000000 ____D () C:\Users\Jakob\Downloads\The Witcher Patches ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe 
=> MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Windows-Start-Manager --------------------- Bezeichner {bootmgr} device partition=C: path \bootmgr description Windows Boot Manager locale de-DE default {current} resumeobject {1cd12920-8d91-11de-a42b-806e6f6e6963} displayorder {current} timeout 30 Windows-Startladeprogramm ------------------------- Bezeichner {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 Ultimate (wiederhergestellt) locale de-DE recoverysequence {300230fd-8d99-11de-838d-9019e152cb49} recoveryenabled Yes osdevice partition=C: systemroot \Windows resumeobject {1cd12920-8d91-11de-a42b-806e6f6e6963} Windows-Startladeprogramm ------------------------- Bezeichner {300230fb-8d99-11de-838d-9019e152cb49} Windows-Startladeprogramm ------------------------- Bezeichner {300230fd-8d99-11de-838d-9019e152cb49} device ramdisk=[C:]\Recovery\300230fd-8d99-11de-838d-9019e152cb49\Winre.wim,{300230fe-8d99-11de-838d-9019e152cb49} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\300230fd-8d99-11de-838d-9019e152cb49\Winre.wim,{300230fe-8d99-11de-838d-9019e152cb49} systemroot \windows nx OptIn winpe Yes Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {1cd12920-8d91-11de-a42b-806e6f6e6963} device partition=C: path \Windows\system32\winresume.exe description Windows 7 Ultimate (wiederhergestellt) locale de-DE inherit {resumeloadersettings} filedevice partition=C: 
==================== End Of Log ============================
Java cannot be uninstalled. It simply hangs at the message "Preparing to uninstall". It could not be uninstalled via a CMD command either. In safe mode I get a message saying that "Windows Installer" is not installed correctly. It is a mystery to me how that is even supposed to work. As for my problems: My internet basically works, it is just extremely slow. The USB ports do not work. Windows cannot be shut down. (Every time there is a message saying Windows has to be configured.) There are also occasional problems when booting (Windows hangs while starting). Overall performance also seems to be extremely slow. Kind regards, JZ |
02.06.2014, 10:11 | #34 |
/// the machine /// TB instructor | Do you have a Windows DVD?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No support via PM! |
03.06.2014, 05:44 | #35 |
| Hi, yes, I've dug out my Windows DVD. Kind regards, Jz |
03.06.2014, 19:39 | #36 |
/// the machine /// TB instructor | "In Place Upgrade". Go ahead and do that. |
04.06.2014, 06:36 | #37 |
| Hi, I now have the problem that Windows 7 refuses to upgrade because it is already on Service Pack 1. Unfortunately SP1 was already preinstalled with my Windows 7, so I cannot find and uninstall it in "Programs and Features" under "Installed Updates" either. Is there a way to remove it anyway so that I can still run the upgrade? Kind regards, JZ |
04.06.2014, 19:06 | #38 |
/// the machine /// TB instructor | |
05.06.2014, 06:17 | #39 |
| My computer has Windows 7 64-bit Ultimate; is it okay then if I use the Windows 7 Professional ISO? Best regards, JZ |
05.06.2014, 19:30 | #40 |
/// the machine /// TB instructor | Not really, it would have to be Ultimate. Things are slowly getting tight.... |