jerryperry | 11.11.2013 19:47 | Well, that's a relief then :D
Here are the requested log files. AdwCleaner:
AdwCleaner Logfile: Code:
# AdwCleaner v3.012 - Bericht erstellt am 11/11/2013 um 18:59:48
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Meinname Muehsam - xxxxx
# Gestartet von : C:\Users\Meinname Muehsam\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Users\Meinname Muehsam\AppData\LocalLow\AskToolbar
Datei Gelöscht : C:\Windows\Uninstall.exe
Datei Gelöscht : C:\Users\Meinname Muehsam\AppData\Roaming\Mozilla\Firefox\Profiles\4sa3mcyc.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4C41DEE4-4EA2-4CBF-AD6B-D8EB3BDB6723}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C41DEE4-4EA2-4CBF-AD6B-D8EB3BDB6723}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16514
-\\ Mozilla Firefox v7.0.1 (de)
[ Datei : C:\Users\Meinname Muehsam\AppData\Roaming\Mozilla\Firefox\Profiles\4sa3mcyc.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=47B16BEE-8932-49B8-B5A5-5B92CECDFBA2&apn_ptnrs=&apn_sauid=6E5F46BF-B242-414A-ADE6-050620BBD94B&ap[...]
Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");
-\\ Google Chrome v30.0.1599.101
[ Datei : C:\Users\Meinname Muehsam\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [7602 octets] - [11/11/2013 18:54:49]
AdwCleaner[S0].txt - [7545 octets] - [11/11/2013 18:59:48]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7605 octets] ##########
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Meinname Muehsam on 11.11.2013 at 19:18:34.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2F718B82-C94C-4CAE-B3B4-7112EF9060F1}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Meinname Muehsam\AppData\Roaming\mozilla\firefox\profiles\4sa3mcyc.default\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2013 at 19:22:20.63
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And here are the two new FRST logs
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Meinname Muehsam (administrator) on xxxxx on 11-11-2013 19:24:56
Running from C:\Users\Meinname Muehsam\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
(Cognizance Corporation) c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\cltLMH.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [SMSERIAL] - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [729088 2006-10-09] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392 2007-01-13] (Synaptics, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4390912 2007-03-09] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [QPService] - C:\Program Files\HP\QuickPlay\QPService.exe [176128 2007-04-24] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [159744 2007-02-13] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [50696 2007-03-12] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-03-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [317128 2007-01-11] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [CognizanceTS] - rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-09-06] (RealNetworks, Inc.)
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44128 2006-11-08] (soft thinks)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-02-20] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20474528 2013-10-02] (Skype Technologies S.A.)
MountPoints2: {babd3ef3-e1fb-11e0-bf50-001e37031ac1} - H:\LaunchU3.exe -a
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
AppInit_DLLs: APSHook.dll [ 2006-07-13] (Cognizance Corporation)
Lsa: [Notification Packages] scecli ASWLNPkg
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bluewin.ch/de/email/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {DD66228F-B8BA-4103-A0DB-C0144DA2ADBB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.ch/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPEB_de
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.ch/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7HPEB_de
SearchScopes: HKCU - {DD66228F-B8BA-4103-A0DB-C0144DA2ADBB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} hxxp://chkr-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/_2_1_3/ActiveX/IfolorUploader_chkr.cab
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} hxxp://www.facebook.com/controls/contactx.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-us.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Meinname Muehsam\AppData\Roaming\Mozilla\Firefox\Profiles\4sa3mcyc.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Meinname Muehsam\AppData\Roaming\Mozilla\Firefox\Profiles\4sa3mcyc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Extension: (RealDownloader) - C:\Users\MeinnameS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (Skype Click to Call) - C:\Users\MeinnameS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0
CHR Extension: (Norton Identity Protection) - C:\Users\MeinnameS~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx
========================== Services (Whitelisted) =================
R2 ASBroker; c:\Program Files\Bioscrypt\VeriSoft\Bin\ASWLNPkg.dll [74240 2007-02-07] (Cognizance Corporation)
R2 ASChannel; c:\Program Files\Bioscrypt\VeriSoft\Bin\AsChnl.dll [131584 2006-06-22] (Cognizance Corporation)
R2 CLCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [262243 2007-04-24] ()
S2 CLSched; C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [106593 2007-04-24] ()
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-01-09] (Hewlett-Packard Development Company, L.P.)
S2 gupdate1ca44ff123a0d00; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-10-04] (Google Inc.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984 2007-03-14] (Hewlett-Packard)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\20.4.0.40\diMaster.dll [556336 2013-05-29] (Symantec Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S2 Automatisches LiveUpdate - Scheduler; "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [x]
==================== Drivers (Whitelisted) ====================
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [140424 2007-03-28] (AuthenTec, Inc.)
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131101.003\BHDrvx86.sys [1096280 2013-10-23] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-15] (Symantec Corporation)
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-19] (Microsoft Corporation)
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131108.001\IDSvix86.sys [393816 2013-10-28] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131109.006\NAVENG.SYS [93272 2013-11-08] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131109.006\NAVEX15.SYS [1612376 2013-11-08] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-07-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2012-07-27] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\system32\drivers\NIS\1404000.028\SYMTDIV.SYS [352344 2013-04-24] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-11 19:23 - 2013-11-09 20:01 - 01089445 _____ (Farbar) C:\Users\Meinname Muehsam\Desktop\FRST.exe
2013-11-11 19:22 - 2013-11-11 19:22 - 00001246 _____ C:\Users\Meinname Muehsam\Desktop\JRT.txt
2013-11-11 19:13 - 2013-11-11 19:13 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 19:08 - 2013-11-11 19:08 - 01034531 _____ (Thisisu) C:\Users\Meinname Muehsam\Desktop\JRT.exe
2013-11-11 18:54 - 2013-11-11 18:59 - 00000000 ____D C:\AdwCleaner
2013-11-11 18:51 - 2013-11-11 18:51 - 01085542 _____ C:\Users\Meinname Muehsam\Desktop\adwcleaner.exe
2013-11-10 17:11 - 2013-11-10 17:55 - 00105176 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-10 17:11 - 2013-11-10 17:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 17:10 - 2013-11-10 17:54 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-10 17:08 - 2013-11-10 18:20 - 00000000 ____D C:\Users\Meinname Muehsam\Desktop\mbar
2013-11-10 17:06 - 2013-11-10 17:06 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Meinname Muehsam\Desktop\mbar-1.07.0.1007.exe
2013-11-09 20:36 - 2013-11-09 20:36 - 00000000 ____D C:\FRST
2013-11-09 11:09 - 2013-11-09 11:09 - 00000000 ____D C:\Windows\pss
2013-11-08 22:32 - 2013-11-08 22:32 - 00001889 _____ C:\Users\Public\Desktop\Adobe Reader 8.lnk
==================== One Month Modified Files and Folders =======
2013-11-11 19:23 - 2006-11-02 11:33 - 01559094 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-11 19:22 - 2013-11-11 19:22 - 00001246 _____ C:\Users\Meinname Muehsam\Desktop\JRT.txt
2013-11-11 19:21 - 2008-03-02 07:17 - 01490800 _____ C:\Windows\WindowsUpdate.log
2013-11-11 19:19 - 2008-04-14 19:38 - 00000000 ____D C:\Users\Meinname Muehsam\AppData\Roaming\Skype
2013-11-11 19:18 - 2009-12-04 16:12 - 00032726 _____ C:\ProgramData\nvModes.001
2013-11-11 19:18 - 2007-06-28 07:51 - 00000000 ____D C:\Windows\SMINST
2013-11-11 19:18 - 2007-06-28 07:34 - 00000148 _____ C:\Users\Public\Documents\hpqp.ini
2013-11-11 19:16 - 2009-12-04 16:12 - 00032726 _____ C:\ProgramData\nvModes.dat
2013-11-11 19:16 - 2009-10-04 15:44 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-11 19:16 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-11 19:16 - 2006-11-02 13:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-11 19:16 - 2006-11-02 13:47 - 00003168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-11 19:15 - 2008-03-02 07:17 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-11-11 19:15 - 2006-11-02 14:01 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-11 19:13 - 2013-11-11 19:13 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 19:08 - 2013-11-11 19:08 - 01034531 _____ (Thisisu) C:\Users\Meinname Muehsam\Desktop\JRT.exe
2013-11-11 18:59 - 2013-11-11 18:54 - 00000000 ____D C:\AdwCleaner
2013-11-11 18:51 - 2013-11-11 18:51 - 01085542 _____ C:\Users\Meinname Muehsam\Desktop\adwcleaner.exe
2013-11-11 18:45 - 2009-10-04 15:44 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 21:41 - 2012-04-22 16:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 18:25 - 2006-11-02 13:52 - 00076913 _____ C:\Windows\setupact.log
2013-11-10 18:20 - 2013-11-10 17:08 - 00000000 ____D C:\Users\Meinname Muehsam\Desktop\mbar
2013-11-10 17:55 - 2013-11-10 17:11 - 00105176 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-10 17:54 - 2013-11-10 17:10 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-10 17:48 - 2007-06-28 07:27 - 00847838 _____ C:\Windows\PFRO.log
2013-11-10 17:11 - 2013-11-10 17:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-10 17:06 - 2013-11-10 17:06 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Meinname Muehsam\Desktop\mbar-1.07.0.1007.exe
2013-11-10 09:01 - 2008-03-01 19:39 - 00000000 ____D C:\Users\Meinname Muehsam
2013-11-09 20:36 - 2013-11-09 20:36 - 00000000 ____D C:\FRST
2013-11-09 20:01 - 2013-11-11 19:23 - 01089445 _____ (Farbar) C:\Users\Meinname Muehsam\Desktop\FRST.exe
2013-11-09 19:53 - 2010-01-14 14:42 - 00000000 ____D C:\Users\Meinname Muehsam\AppData\Local\CrashDumps
2013-11-09 19:01 - 2008-05-03 19:24 - 00000680 _____ C:\Users\Meinname Muehsam\AppData\Local\d3d9caps.dat
2013-11-09 11:09 - 2013-11-09 11:09 - 00000000 ____D C:\Windows\pss
2013-11-08 22:32 - 2013-11-08 22:32 - 00001889 _____ C:\Users\Public\Desktop\Adobe Reader 8.lnk
2013-10-30 21:29 - 2010-10-12 20:04 - 00000000 ____D C:\Users\Meinname Muehsam\Documents\Sohn1
2013-10-30 21:27 - 2012-10-13 20:27 - 00000000 ____D C:\Users\Meinname Muehsam\Documents\Sohn2
2013-10-30 21:21 - 2009-05-29 10:55 - 00000000 ____D C:\Users\Meinname Muehsam\Documents\Sohn3
2013-10-30 17:39 - 2011-12-17 22:49 - 00000000 ____D C:\Users\Meinname Muehsam\Documents\Stellen Meinname
2013-10-17 20:16 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-17 12:47 - 2010-08-07 20:13 - 00000000 ___RD C:\Program Files\Skype
2013-10-17 12:47 - 2008-04-14 19:38 - 00000000 ____D C:\ProgramData\Skype
2013-10-12 15:27 - 2006-11-02 13:47 - 00379288 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 15:16 - 2009-10-11 15:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
Some content of TEMP:
====================
C:\Users\Meinname Muehsam\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-11 19:23
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-10-2013
Ran by Meinname Muehsam at 2013-11-11 19:26:18
Running from C:\Users\Meinname Muehsam\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader 8.1.4 - Deutsch (Version: 8.1.4)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
AuthenTec Fingerprint Sensor Minimum Install (Version: 7.7.0.62)
Bing Bar (Version: 7.0.850.0)
Bonjour (Version: 3.0.0.10)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.6.0.12)
Canon Internet Library for ZoomBrowser EX (Version: 1.6.2.7)
Canon MOV Decoder (Version: 1.1.0.31)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.3.0.4)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities Digital Photo Professional 3.6 (Version: 3.6.0.0)
Canon Utilities MyCamera (Version: 7.1.0.1)
Canon Utilities MyCamera DC (Version: 7.1.0.4)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.2.1.31)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.2.0.9)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ESU for Microsoft Vista (Version: 2.0.3.1)
EuroTalk Talk Now Multi-Language (Version: 1.6.6.1)
Fisc2011 (Version: 1.0.0.0)
Fisc2012 (Version: 1.0.0.0)
Google Chrome (Version: 30.0.1599.101)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
Hewlett-Packard Active Check (Version: 1.1.7.0)
Hewlett-Packard Asset Agent (Version: 2.0.58.0)
HP Active Support Library (Version: 2.0.9.1)
HP Active Support Library 32 bit components (Version: 1.0.9)
HP Customer Experience Enhancements (Version: 5.1.0.2278)
HP Doc Viewer (Version: 1.01.0005)
HP Easy Setup - Frontend (Version: 5.1.0.2279)
HP Help and Support (Version: 1.1.0)
HP Integrated Module with Bluetooth wireless technology (Version: 6.0.1.3700)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Quick Launch Buttons 6.20 B1 (Version: 6.20 B1)
HP QuickPlay 3.2
HP Update (Version: 4.000.011.006)
HP User Guides 0056 (Version: 1.02.0000)
HP Wireless Assistant (Version: 3.00 F1)
Intel Matrix Storage Manager
iTunes (Version: 11.0.4.4)
Java Auto Updater (Version: 2.0.7.1)
Java(TM) 6 Update 33 (Version: 6.0.330)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
Junk Mail filter update (Version: 14.0.8117.416)
LG USB Modem driver (Version: 1.0)
LG_Mobile Sync (Version: 1.00.0000)
LightScribe 1.4.136.1 (Version: 1.4.136.1)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Works (Version: 08.05.0822)
Motorola SM56 Data Fax Modem
Mozilla Firefox 7.0.1 (x86 de) (Version: 7.0.1)
MSCU for Microsoft Vista (Version: 1.0.1.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Bootable Recovery Tool Wizard (Version: 5.1.0.26)
Norton Internet Security (Version: 20.4.0.40)
NVIDIA Drivers (Version: 1.10)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PDFCreator (Version: 0.9.6)
Private Tax 2009 (Version: 1.0.3.530)
Private Tax 2010 (Version: 1.1.2.583)
Private Tax 2011 1.5 (Version: 1.5)
Private Tax 2012 2.5 (Version: 2.5)
PSSWCORE (Version: 2.00.5000)
PVSonyDll (Version: 1.00.0001)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek High Definition Audio Driver (Version: 6.0.1.5384)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.551)
Skype Click to Call (Version: 6.3.11079)
Skype™ 6.9 (Version: 6.9.106)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
steuern.lu.2009 nP 5.0.1
Stöck Wyys Stich Platinum
Synaptics Pointing Device Driver (Version: 9.1.11.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3)
VeriSoft Access Manager (Version: 2.1.2.880.15)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Family Safety (Version: 14.0.8118.427)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
==================== Restore Points =========================
27-08-2013 19:50:30 Windows Update
12-09-2013 18:45:24 Windows Update
12-09-2013 20:06:52 Windows Update
11-10-2013 20:35:40 Windows Update
30-10-2013 22:53:34 Geplanter Prüfpunkt
09-11-2013 12:55:02 Geplanter Prüfpunkt
10-11-2013 16:43:48 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0EF16A4A-C90F-44F4-BED8-7AD1A903126E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {22D0D2BA-43A7-4813-9430-56C6060518E8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2323883502-2741049629-4279754682-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {312C2AFE-9BE7-4356-8539-DAB3A54B7CFC} - System32\Tasks\HP Health Check => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12] (Hewlett-Packard)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {47DA73BD-2510-4692-8E8F-7D3D65483DDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-04] (Google Inc.)
Task: {4B6002D6-A81C-4FBD-B23B-07E758BA1C39} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {5498778F-0E2B-4E56-9907-5A08D1D578AA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2323883502-2741049629-4279754682-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {6DC7819E-DF53-4F1B-AF6F-14F68211C2EC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {82540800-BCF7-4F2B-82B7-85D35A8B4E3E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2323883502-2741049629-4279754682-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {85B49C33-1988-463C-B41C-3D2E0A5F9F3D} - System32\Tasks\Microsoft\Office Genuine Advantage\OGALogon => C:\Windows\System32\OGAEXEC.exe [2009-08-03] ()
Task: {9D47F6AD-0BBF-4CC0-ABCF-7AAAE5450313} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {9D8A8D76-A9BF-476D-8BE7-BD246611C3F4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2323883502-2741049629-4279754682-1000 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9EB53168-E955-4B99-AC58-1E1D09CBCED7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {B07AD0BF-C224-4421-BF50-95A967C1D005} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Meinname Muehsam => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {D4977322-A9CF-4E4D-80C2-C012873FBF9F} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\20.4.0.40\symerr.exe [2013-06-03] (Symantec Corporation)
Task: {DF992804-C745-44E0-9959-1FDEFAF7FC2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-04] (Google Inc.)
Task: {E16B751D-E4C1-4F67-8E9E-1DA4A8521D6D} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\20.4.0.40\wscstub.exe [2013-06-03] (Symantec Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-07-21 20:42 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56fra.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56brz.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56chs.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56cht.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ger.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56ita.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00057344 _____ () C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56esp.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00053248 _____ () C:\Program Files\Motorola\SMSERIAL\sm56kor.dll
2006-10-09 21:43 - 2006-10-09 21:43 - 00065536 _____ () C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll
2007-06-28 07:34 - 2007-04-24 02:11 - 00114787 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2007-06-28 07:34 - 2007-04-24 02:11 - 00032768 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2007-06-28 07:34 - 2007-04-24 02:11 - 00237673 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2007-06-28 07:34 - 2007-04-24 02:11 - 00339968 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-12-20 12:00 - 2006-12-20 12:00 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2006-12-20 12:18 - 2006-12-20 12:18 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2007-06-28 07:33 - 2007-04-24 02:10 - 00061440 _____ () C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-11-11 19:25:37.721
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:37.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:37.184
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:36.882
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:36.576
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:36.274
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:35.973
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-11 19:25:35.668
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-10 18:01:41.965
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\SMR322\Archive\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-11-10 18:01:41.667
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\SMR322\Archive\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 51%
Total physical RAM: 2045.68 MB
Available physical RAM: 991.45 MB
Total Pagefile: 4328.39 MB
Available Pagefile: 3152.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1903.5 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:141.62 GB) (Free:60.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:149.05 GB) (Free:148.58 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:7.43 GB) (Free:2.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149 GB) (Disk ID: F0CFFAAE)
Partition 1: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: FA2A057A)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End Of Log ============================