Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Online Banking KAV Plugin?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.02.2015, 19:11   #1
Aenna14
 
Online Banking KAV Plugin? - Frage

Online Banking KAV Plugin?



Hallo,

seit einiger Zeit habe ich das Gefühl, mein Laptop gibt den Geist auf. Die Tastatur spinnt jeden zweiten Tag, die USB-Buchsen gehen manchmal nicht und jetzt kam auch noch ein Pop-up, dass das Online Banking KAV Plugin nicht mehr funktioniert oder so ähnlich. Liegt das vielleicht an Kaspersky? Denn ich und meine Mama haben uns das neue Kaspersky runtergeladen und seitdem kriegt sie dauernd die Nachricht, dass das drahtlose Netzwerk unzureichend geschützt ist und dann bricht ihr Wlan zusammen und sie muss den Laptop neu starten. Gerade habe ich auch diese Nachricht gekriegt. Was ist das und wie kriegt man das weg? Ich kenne mich nicht sonderlich mit den Fachbegriffen usw aus, deshalb möchte ich da ohne Wissen nicht groß rumdoktern Ich hoffe ihr könnt mir helfen.

Alt 02.02.2015, 19:22   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Online Banking KAV Plugin? - Standard

Online Banking KAV Plugin?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.02.2015, 19:43   #3
Aenna14
 
Online Banking KAV Plugin? - Standard

Online Banking KAV Plugin?



FRST.txt=


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Asus (administrator) on ASUS-PC on 02-02-2015 19:38:41
Running from C:\Users\Asus\Desktop
Loaded Profiles: Asus (Available profiles: Asus)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sonix Technology Co., Ltd.) C:\Windows\vsnp2uvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [909824 2010-01-21] (Sonix Technology Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4014234079-676004641-2961829972-1001\...\Run: [Driver Whiz] => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [3976560 2013-09-19] (PC Drivers Headquarters)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4014234079-676004641-2961829972-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4014234079-676004641-2961829972-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4014234079-676004641-2961829972-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-4014234079-676004641-2961829972-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKU\S-1-5-21-4014234079-676004641-2961829972-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKU\S-1-5-21-4014234079-676004641-2961829972-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Macromedia, Inc.)
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\searchplugins\webde-suche.xml
FF Extension: GMX MailCheck - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\Extensions\toolbar@gmx.net [2014-12-19]
FF Extension: Cliqz Beta - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\Extensions\cliqz@cliqz.com.xpi [2014-11-01]
FF Extension: ProxTube - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11]
FF Extension: Adblock Plus - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-20]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-01-13]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-01-13]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-01-13]
FF HKU\S-1-5-21-4014234079-676004641-2961829972-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\xjqmyywj.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-01-14] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2015-01-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-01-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800832 2010-09-07] (Sonix Technology Co., Ltd.)
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 19:38 - 2015-02-02 19:39 - 00022252 _____ () C:\Users\Asus\Desktop\FRST.txt
2015-02-02 19:37 - 2015-02-02 19:37 - 02131456 _____ (Farbar) C:\Users\Asus\Desktop\FRST64.exe
2015-02-02 18:56 - 2015-02-02 18:56 - 00000000 _____ () C:\Windows\SysWOW64\shoF3B0.tmp
2015-02-02 18:51 - 2015-02-02 18:51 - 00000000 ____H () C:\Users\Asus\AppData\Local\BITDA52.tmp
2015-02-02 18:51 - 2015-02-02 18:51 - 00000000 _____ () C:\Users\Asus\AppData\Local\{2714501C-BF29-4E41-B8EB-937E9480BF5D}
2015-01-29 16:10 - 2015-01-29 16:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-29 16:06 - 2015-02-02 18:57 - 00000392 _____ () C:\Windows\setupact.log
2015-01-29 16:06 - 2015-01-29 16:06 - 00002750 _____ () C:\Windows\PFRO.log
2015-01-29 16:06 - 2015-01-29 16:06 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-29 16:04 - 2015-01-29 16:04 - 00268228 _____ () C:\Users\Asus\Desktop\Lesezeichen2015
2015-01-28 12:26 - 2015-01-28 12:26 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-01-16 17:03 - 2015-01-16 17:03 - 00032768 _____ () C:\Windows\system32\persistent_q.db-shm
2015-01-16 17:03 - 2015-01-16 17:03 - 00003176 _____ () C:\Windows\system32\persistent_q.db-wal
2015-01-16 17:03 - 2015-01-16 17:03 - 00001024 _____ () C:\Windows\system32\persistent_q.db
2015-01-14 22:26 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-01-13 21:25 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 21:24 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 21:24 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 21:24 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 21:24 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 21:24 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 21:24 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 21:24 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 21:24 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 21:24 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 21:24 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 21:24 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 21:24 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 15:05 - 2015-01-13 15:05 - 00002292 _____ () C:\Users\Asus\Desktop\Sicherer Zahlungsverkehr.lnk
2015-01-13 15:00 - 2015-01-13 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-01-13 15:00 - 2015-01-13 14:59 - 00002102 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-01-13 14:58 - 2015-01-13 14:58 - 00000000 ___SD () C:\Users\Asus\Documents\Passwords Database
2015-01-13 14:56 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 19:38 - 2014-04-25 14:59 - 00000000 ____D () C:\FRST
2015-02-02 19:29 - 2014-01-15 17:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-02 19:08 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 19:08 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 19:05 - 2013-09-09 22:38 - 01651238 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 19:00 - 2013-12-23 20:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 18:57 - 2013-09-24 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-02 18:57 - 2013-09-09 23:12 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2015-02-02 18:57 - 2013-09-09 22:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-02 18:57 - 2011-01-12 16:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 18:57 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 18:50 - 2011-01-12 16:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 17:26 - 2009-08-04 10:51 - 00711530 _____ () C:\Windows\system32\perfh007.dat
2015-01-31 17:26 - 2009-08-04 10:51 - 00153720 _____ () C:\Windows\system32\perfc007.dat
2015-01-31 17:26 - 2009-07-14 06:13 - 01652924 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-30 14:29 - 2014-07-17 19:42 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-29 16:05 - 2014-01-25 13:42 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\SoftGrid Client
2015-01-28 18:46 - 2014-07-17 19:43 - 00000000 ____D () C:\ProgramData\Origin
2015-01-28 17:34 - 2013-09-28 22:31 - 00000000 ____D () C:\Users\Asus\Desktop\bilder
2015-01-28 15:50 - 2013-11-10 13:23 - 00000000 ____D () C:\Users\Asus\AppData\Roaming\vlc
2015-01-28 12:28 - 2013-09-26 16:42 - 00000000 ____D () C:\ProgramData\Skype
2015-01-28 12:23 - 2014-07-17 19:51 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-01-28 12:23 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-26 19:26 - 2013-12-23 20:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-26 19:25 - 2013-09-24 20:10 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-26 19:25 - 2013-09-24 20:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 21:29 - 2014-09-23 17:49 - 00001300 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2015-01-14 00:02 - 2014-08-20 18:04 - 00818888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-01-14 00:02 - 2014-08-18 14:43 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-01-14 00:02 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2015-01-13 15:05 - 2013-09-09 23:13 - 00001427 _____ () C:\Windows\system32\ServiceFilter.ini
2015-01-13 15:00 - 2014-01-15 17:09 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-01-12 23:18 - 2014-12-28 21:17 - 00000000 ____D () C:\Users\Asus\Desktop\kotziwhatsapp
2015-01-06 04:36 - 2014-01-20 23:32 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-02-02 18:51 - 2015-02-02 18:51 - 0000000 ____H () C:\Users\Asus\AppData\Local\BITDA52.tmp
2014-11-13 22:07 - 2014-11-13 22:07 - 0002164 _____ () C:\Users\Asus\AppData\Local\recently-used.xbel
2015-02-02 18:51 - 2015-02-02 18:51 - 0000000 _____ () C:\Users\Asus\AppData\Local\{2714501C-BF29-4E41-B8EB-937E9480BF5D}
2011-01-12 17:02 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2013-12-05 21:19 - 2014-06-13 14:31 - 0009242 _____ () C:\ProgramData\hpzinstall.log
2011-01-12 16:48 - 2011-01-12 16:49 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-01-12 16:48 - 2011-01-12 16:48 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 18:43

==================== End Of Log ============================
         
--- --- ---



Addition:


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by Asus at 2015-02-02 19:39:49
Running from C:\Users\Asus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
ArcSoft MediaImpression (HKLM-x32\...\{9EC9754D-CA34-4293-B5DB-3BD245A88A43}) (Version: 1.5.42.1113 - ArcSoft)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 2.0.46.1429 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.3.585 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version:  - Oberon Media Inc.)
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version:  - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.3.33.1010 - Electronic Arts Inc.)
Driver Whiz (HKLM-x32\...\{0B540DA4-41AE-4B79-BEAB-0F07E09669AB}) (Version: 8.1 - Driver Whiz)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Free Video Flip and Rotate version 1.0.7.1122 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.0.7.1122 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version:  - Oberon Media Inc.)
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version:  - Oberon Media Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version:  - Oberon Media Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Luxor 3 (HKLM-x32\...\Luxor 3) (Version:  - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version:  - Oberon Media Inc.)
MediaJoin (HKLM-x32\...\MediaJoin) (Version:  - Mystik Media)
MediaJoin (x32 Version: 2.0 - Mystik Media) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Octodad (HKLM-x32\...\Octodad) (Version:  - )
OpenOffice Beta 4.1.0 (HKLM-x32\...\{E0284E69-DDCE-4AB0-9A6B-22DC9CB8D7DB}) (Version: 4.10.9760 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version:  - Oberon Media Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 3.50 - Philipp Winterberg)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6294 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version:  - )
USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.55133.208 - Sonix)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version:  - Oberon Media Inc.)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

30-01-2015 18:42:37 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-16 10:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {22CD7DF9-817A-46F9-A365-6C3E52E2B928} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {25B89296-C006-4B4D-B34C-8602086F6F30} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {278D32CA-2056-4563-BF8F-2CB05333B595} - System32\Tasks\Driver Whiz-RTMScanRunOnce => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {312C83F8-D2FA-45ED-B439-2DFD9C9D23D7} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {435B4B08-B8AB-493B-AB2A-1EAAEBE5481F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {557AD619-AEA0-4DE4-9211-C4E954B566D7} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {609FC815-8B80-4AF2-84FC-A1581E0047B9} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {6454799E-A467-4F70-881E-4C5B66B78103} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {7302B2ED-7C08-4790-826E-BCBC85633CCC} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {828D5464-25B6-4BFA-BA78-5E8E195B66B6} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-09-19] (PC Drivers Headquarters)
Task: {B011100D-79B8-4D07-9B66-95E563E9597D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {C12012C5-397F-4104-98C2-396321DCF603} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {CAB46F0B-AC78-406A-9200-619D677F6155} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EC01C1C5-C294-4587-8F2C-051D7B09C1BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-23 19:34 - 2013-11-11 16:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-02 20:58 - 2010-11-02 20:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-09-09 23:11 - 2007-11-30 19:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-03-16 02:48 - 2010-03-16 02:48 - 00148816 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll
2011-01-12 17:01 - 2011-01-12 17:01 - 00030032 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3726.20828__0d0f4b69e50e559b\SqliteShared.dll
2011-01-12 17:01 - 2011-01-12 17:01 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2010-04-03 03:21 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2011-04-22 08:38 - 2011-01-27 01:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-02 20:58 - 2010-11-02 20:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-09-19 10:00 - 2013-09-19 10:00 - 00684416 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\ThemePack.DriverWhiz.dll
2013-09-19 09:31 - 2013-09-19 09:31 - 00412064 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\Agent.Communication.XmlSerializers.dll
2010-09-24 00:53 - 2010-09-24 00:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-01-29 16:10 - 2015-01-29 16:10 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-30 17:12 - 2015-01-14 00:02 - 00459048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-08-30 17:12 - 2015-01-14 00:02 - 00587048 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-08-30 17:12 - 2015-01-14 00:02 - 00332584 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Nuance PDF Reader-reminder => "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-4014234079-676004641-2961829972-500 - Administrator - Disabled)
Asus (S-1-5-21-4014234079-676004641-2961829972-1001 - Administrator - Enabled) => C:\Users\Asus
Gast (S-1-5-21-4014234079-676004641-2961829972-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4014234079-676004641-2961829972-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 06:56:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070013, Das Medium ist schreibgeschützt.
.

Error: (02/02/2015 06:56:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80070013, Das Medium ist schreibgeschützt.
]

Error: (02/02/2015 06:55:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (02/02/2015 06:51:13 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: BITS connection error Type: 150::InternetConnectionFailure.

Error: (01/29/2015 04:05:40 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/29/2015 04:04:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2108

Startzeit: 01d03bced6d0903c

Endzeit: 40

Anwendungspfad: C:\Windows\Explorer.exe

Berichts-ID: 24d536b9-a7c8-11e4-838d-f46d044c5c01

Error: (01/29/2015 04:03:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.0.5486, Zeitstempel: 0x54af7153
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.0.5486, Zeitstempel: 0x54af69d4
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1ce4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/29/2015 04:03:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.0.5486, Zeitstempel: 0x54af7153
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.0.5486, Zeitstempel: 0x54af69d4
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x10e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/29/2015 04:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.0.5486, Zeitstempel: 0x54af7153
Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.0.5486, Zeitstempel: 0x54af69d4
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x2360
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (01/29/2015 03:19:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.exe, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 216c

Startzeit: 01d03a51e36b808c

Endzeit: 560

Anwendungspfad: C:\Windows\Explorer.exe

Berichts-ID: d8d88084-a7c1-11e4-838d-f46d044c5c01


System errors:
=============
Error: (02/02/2015 06:55:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP15.0.1 erreicht.

Error: (02/02/2015 06:54:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}

Error: (01/29/2015 09:59:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/29/2015 04:06:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎01.‎2015 um 16:05:22 unerwartet heruntergefahren.

Error: (01/29/2015 04:05:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP15.0.1 erreicht.

Error: (01/29/2015 04:05:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/29/2015 04:05:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP15.0.1 erreicht.

Error: (01/29/2015 02:34:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVP15.0.1 erreicht.

Error: (01/28/2015 06:43:13 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/26/2015 07:22:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.


Microsoft Office Sessions:
=========================
Error: (02/02/2015 06:56:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070013, Das Medium ist schreibgeschützt.

Error: (02/02/2015 06:56:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80070013, Das Medium ist schreibgeschützt.

Error: (02/02/2015 06:55:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (02/02/2015 06:51:13 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: BITS connection error Type: 150::InternetConnectionFailure.

Error: (01/29/2015 04:05:40 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (01/29/2015 04:04:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.exe6.1.7601.17567210801d03bced6d0903c40C:\Windows\Explorer.exe24d536b9-a7c8-11e4-838d-f46d044c5c01

Error: (01/29/2015 04:03:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.0.548654af7153mozalloc.dll35.0.0.548654af69d480000003000014251ce401d03bd4a6fade47C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfea8e562-a7c7-11e4-838d-f46d044c5c01

Error: (01/29/2015 04:03:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.0.548654af7153mozalloc.dll35.0.0.548654af69d4800000030000142510e001d03bd4a6e07814C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllfea7d3ee-a7c7-11e4-838d-f46d044c5c01

Error: (01/29/2015 04:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe35.0.0.548654af7153mozalloc.dll35.0.0.548654af69d48000000300001425236001d03bd4a6c4b24cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf6ba5a9f-a7c7-11e4-838d-f46d044c5c01

Error: (01/29/2015 03:19:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.exe6.1.7601.17567216c01d03a51e36b808c560C:\Windows\Explorer.exed8d88084-a7c1-11e4-838d-f46d044c5c01


CodeIntegrity Errors:
===================================
  Date: 2015-01-13 14:58:43.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:58:43.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:57:00.838
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:57:00.838
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:56:51.238
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:56:51.228
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:56:51.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:56:51.008
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:56:11.927
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-13 14:56:11.927
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 4007.86 MB
Available physical RAM: 2092.01 MB
Total Pagefile: 8013.89 MB
Available Pagefile: 5591.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:125.03 GB) (Free:26.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:148.06 GB) (Free:147.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 343771F7)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=125 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.1 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

Alt 03.02.2015, 07:55   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Online Banking KAV Plugin? - Standard

Online Banking KAV Plugin?



Sieht gut aus. KAV komplett deinstallieren und neu installieren.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.02.2015, 12:07   #5
Aenna14
 
Online Banking KAV Plugin? - Standard

Online Banking KAV Plugin?



Sorry für die dumme Frage, aber KAV ist Kaspersky oder? ^^ Kann ich den Code dann trotzdem neu eingeben?


Alt 03.02.2015, 12:14   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Online Banking KAV Plugin? - Standard

Online Banking KAV Plugin?



Ja und ja
__________________
--> Online Banking KAV Plugin?

Antwort

Themen zu Online Banking KAV Plugin?
banking, bricht, dauernd, einiger, funktioniert, geschützt, hoffe, kaspersky, krieg, kriegt, laptop, nachricht, netzwerk, neue, nicht mehr, online, online banking, plugin, spinn, spinnt, starte, tastatur, wissen, wlan, zusammen




Ähnliche Themen: Online Banking KAV Plugin?


  1. Secure Banking - Online Banking auf der sicheren Seite!
    Archiv - 29.08.2016 (471)
  2. Trojaner im Online banking
    Lob, Kritik und Wünsche - 02.12.2014 (0)
  3. Win 8: Probleme mit dem Online Banking
    Plagegeister aller Art und deren Bekämpfung - 16.06.2014 (13)
  4. Wie sicher ist Online-Banking?
    Alles rund um Windows - 16.01.2014 (1)
  5. Online Banking; sms-TAN
    Plagegeister aller Art und deren Bekämpfung - 30.10.2013 (1)
  6. Online-Banking-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 06.03.2013 (14)
  7. Online Banking TAN Abfrage
    Plagegeister aller Art und deren Bekämpfung - 31.01.2013 (7)
  8. Angriff auf Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 25.11.2012 (7)
  9. Müll aus Secure Banking - Online Banking auf der sicheren Seite!
    Mülltonne - 04.10.2012 (0)
  10. Hermes_V01 - Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 23.08.2012 (20)
  11. Problem mit Online-Banking
    Log-Analyse und Auswertung - 05.12.2011 (3)
  12. TAN / Online-Banking Trojaner!
    Log-Analyse und Auswertung - 29.11.2011 (35)
  13. Online Banking - TAN Abfrage beim Banking - Trojaner?
    Log-Analyse und Auswertung - 12.08.2011 (3)
  14. 30 Tan-Abfrage bei Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 23.06.2011 (6)
  15. Problem mit online Banking
    Plagegeister aller Art und deren Bekämpfung - 06.02.2011 (1)
  16. Online-Banking Trojaner
    Log-Analyse und Auswertung - 05.12.2010 (5)
  17. Online Banking
    Log-Analyse und Auswertung - 16.12.2009 (2)

Zum Thema Online Banking KAV Plugin? - Hallo, seit einiger Zeit habe ich das Gefühl, mein Laptop gibt den Geist auf. Die Tastatur spinnt jeden zweiten Tag, die USB-Buchsen gehen manchmal nicht und jetzt kam auch noch - Online Banking KAV Plugin?...
Archiv
Du betrachtest: Online Banking KAV Plugin? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.