Hab wohl die Themaeröffnungsanleitung übersehen. Tut mir Leid. Hier die Logs (Meinen Namen hab ich aus eigenem Interesse mal mit XXXXX zensiert):
Ich bin Programmierer, also über diverse Tools nicht wundern :)
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-06-2014
Ran by XXXXX (administrator) on XXXXX-PC on 20-06-2014 19:44:10
Running from D:\Data\Downloadz
Platform: Windows 7 Ultimate (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(SANDBOXIE L.T.D) D:\Data\Toolz\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Apache Software Foundation) I:\VisualSVN Server\bin\VisualSVNServer.exe
() D:\Data\Toolz\puush\puush.exe
(Apache Software Foundation) I:\VisualSVN Server\bin\VisualSVNServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(JAM Software) D:\Data\Toolz\TreeSize\TreeSizeFree.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Safer-Networking Ltd.) D:\Data\Toolz\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) D:\Data\Toolz\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) D:\Data\Toolz\Spybot - Search & Destroy 2\SDWSCSvc.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
() D:\Data\Downloadz\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => D:\Data\Toolz\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1843127492-2866971718-3940101754-1000\...\Run: [puush] => D:\Data\Toolz\puush\puush.exe [567880 2014-03-14] ()
HKU\S-1-5-21-1843127492-2866971718-3940101754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1843127492-2866971718-3940101754-1000\...\Run: [Spybot-S&D Cleaning] => D:\Data\Toolz\Spybot - Search & Destroy 2\SDCleaner.exe [4566984 2014-04-25] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2E7184A47F73CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Plugin for GeneralDownloader - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Users\XXXXX\AppData\Roaming\General Downloader\Extensions\IEPlugin64.dll (General World)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Octh Class - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: haufereader - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: haufereader - No CLSID Value -
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{A7AFB675-BB88-478E-A8B7-8B72D2B6CA0A}: [NameServer]192.168.179.1
Tcpip\..\Interfaces\{F4459F9F-E811-4E77-8C48-E1A4A6AEC2E0}: [NameServer]208.67.222.222,192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ic9mcqw5.default-1371518163302
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\XXXXX\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: General Downloader plugin - C:\Users\XXXXX\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@generaldownloader.com [2011-10-11]
FF Extension: General Crawler - C:\Users\XXXXX\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2011-10-11]
FF Extension: Lightbeam - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ic9mcqw5.default-1371518163302\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-01-15]
FF Extension: NO Google Analytics - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ic9mcqw5.default-1371518163302\Extensions\jid1-JcGokIiQyjoBAQ@jetpack.xpi [2014-01-15]
FF Extension: Adblock Plus - C:\Users\XXXXX\AppData\Roaming\Mozilla\Firefox\Profiles\ic9mcqw5.default-1371518163302\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-27]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-04-01] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; D:\Data\Toolz\Sandboxie\SbieSvc.exe [94992 2011-11-23] (SANDBOXIE L.T.D)
R2 SDScannerService; D:\Data\Toolz\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; D:\Data\Toolz\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; D:\Data\Toolz\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 VisualSVNServer; I:\VisualSVN Server\bin\VisualSVNServer.exe [24424 2011-10-10] (Apache Software Foundation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2013-12-17] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [613688 2013-02-08] (Wacom Technology, Corp.)
S2 Apache2.2; "I:\Apache\bin\httpd.exe" -k runservice [X]
S2 CLKMSVC10_22035577; "H:\f!3rce\Progz\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe" /svc [X]
==================== Drivers (Whitelisted) ====================
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2009-10-07] (Cyberlink Co.,Ltd.)
S2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [376304 2009-10-07] (CyberLink Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2011-10-12] (DT Soft Ltd)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()
S3 RivaTuner64; D:\Data\Toolz\RivaTuner\RivaTuner64.sys [19952 2011-10-30] ()
R3 SbieDrv; D:\Data\Toolz\Sandboxie\SbieDrv.sys [158336 2011-11-23] (SANDBOXIE L.T.D)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
S2 AODDriver4.01; \??\D:\Data\Driverz\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
U3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz130; \??\C:\Users\XXXXX\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 Nbdrv; system32\DRIVERS\nbdrv.sys [X]
S1 nltdi; \??\D:\Data\Toolz\NetLimiter\nltdi.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-20 19:44 - 2014-06-20 19:44 - 00000000 ____D () C:\FRST
2014-06-20 19:33 - 2014-06-20 19:33 - 00000000 _____ () C:\Users\XXXXX\defogger_reenable
2014-06-20 18:32 - 2014-06-20 18:32 - 00022960 _____ () C:\ComboFix.txt
2014-06-20 18:23 - 2014-06-20 18:32 - 00000000 ____D () C:\ComboFix
2014-06-20 18:23 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-20 18:23 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-20 18:23 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-20 18:23 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-20 18:23 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-20 18:23 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-20 18:23 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-20 18:23 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-20 18:21 - 2014-06-20 18:32 - 00000000 ____D () C:\Qoobox
2014-06-20 18:20 - 2014-06-20 18:31 - 00000000 ____D () C:\Windows\erdnt
2014-06-20 03:42 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-06-20 03:42 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2014-06-20 03:40 - 2009-09-10 08:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-20 03:40 - 2009-09-10 07:52 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-20 03:30 - 2014-06-20 03:30 - 00000000 __SHD () C:\Windows\SysWOW64\%APPDATA%
2014-06-20 03:28 - 2014-06-20 03:28 - 01781224 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 03:02 - 2014-06-20 03:02 - 00000000 __SHD () C:\Windows\system32\%APPDATA%
2014-06-20 03:01 - 2010-03-04 06:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-06-20 00:42 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140620-004220.backup
2014-06-20 00:36 - 2014-06-20 00:36 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-20 00:35 - 2014-06-20 00:35 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-20 00:34 - 2014-06-20 03:44 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 00:34 - 2014-06-20 00:34 - 00001053 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 00:34 - 2014-06-20 00:34 - 00001053 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 00:34 - 2014-06-20 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 00:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-06-19 23:30 - 2014-06-19 23:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-19 23:30 - 2014-06-19 23:30 - 00000802 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-19 23:30 - 2014-06-19 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-19 23:30 - 2014-06-19 23:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-19 23:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-19 23:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-19 23:30 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-19 23:17 - 2014-06-19 23:18 - 00000000 ____D () C:\OETemp
2014-06-19 23:07 - 2014-06-19 23:07 - 00000000 ____D () C:\Users\XXXXX\AppData\Roaming\JAM Software
2014-06-19 23:07 - 2014-06-19 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2014-06-19 22:30 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-06-19 22:30 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-06-19 22:08 - 2010-08-04 09:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-06-19 22:08 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2014-06-19 22:08 - 2010-08-04 09:05 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-06-19 22:08 - 2010-08-04 09:05 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-06-19 22:08 - 2010-08-04 08:18 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-06-19 22:08 - 2010-08-04 08:15 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2014-06-19 22:08 - 2010-08-04 08:15 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-06-19 22:08 - 2010-03-04 09:57 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-06-19 22:08 - 2010-03-04 09:33 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-06-19 22:08 - 2010-01-19 11:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-19 22:08 - 2010-01-19 11:05 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-19 22:08 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-19 22:08 - 2010-01-19 11:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-19 22:08 - 2010-01-19 11:00 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-19 22:08 - 2010-01-19 11:00 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-19 22:08 - 2010-01-19 11:00 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-19 22:08 - 2010-01-19 11:00 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-19 22:08 - 2010-01-19 01:29 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-19 22:08 - 2010-01-19 01:29 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-19 22:08 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-19 22:08 - 2010-01-19 01:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-19 22:08 - 2010-01-19 01:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-19 22:08 - 2010-01-19 01:28 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-19 22:08 - 2010-01-19 01:28 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-19 22:08 - 2010-01-19 01:28 - 00277504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-19 22:08 - 2009-12-13 11:46 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-06-19 22:08 - 2009-12-13 11:30 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-06-19 22:08 - 2009-10-19 16:46 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-06-19 22:08 - 2009-10-19 16:46 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-19 22:08 - 2009-10-19 16:10 - 00108544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2014-06-19 22:08 - 2009-10-19 16:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-19 22:08 - 2009-07-30 07:07 - 00366080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-19 22:08 - 2009-07-30 06:44 - 00293888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-11 20:04 - 2014-06-11 20:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 20:37 - 2014-06-10 20:37 - 00001535 _____ () C:\Users\XXXXX\Documents\Ungefähre Liste.txt
2014-06-09 17:09 - 2014-06-09 18:07 - 00004891 _____ () C:\Users\XXXXX\Desktop\ai research notes.txt
2014-05-28 21:57 - 2014-05-28 22:00 - 00000568 __RSH () C:\Users\XXXXX\ntuser.pol
2014-05-27 18:59 - 2014-05-27 18:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-27 18:59 - 2014-05-27 18:59 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
==================== One Month Modified Files and Folders =======
2014-06-20 19:44 - 2014-06-20 19:44 - 00000000 ____D () C:\FRST
2014-06-20 19:44 - 2014-02-22 16:25 - 42788962 _____ () C:\Windows\setupact.log
2014-06-20 19:33 - 2014-06-20 19:33 - 00000000 _____ () C:\Users\XXXXX\defogger_reenable
2014-06-20 19:33 - 2010-10-24 15:20 - 00000000 ____D () C:\Users\XXXXX
2014-06-20 18:59 - 2012-05-09 00:54 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-20 18:59 - 2012-04-04 20:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 18:50 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-20 18:50 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-20 18:35 - 2010-10-24 13:32 - 01829297 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 18:32 - 2014-06-20 18:32 - 00022960 _____ () C:\ComboFix.txt
2014-06-20 18:32 - 2014-06-20 18:23 - 00000000 ____D () C:\ComboFix
2014-06-20 18:32 - 2014-06-20 18:21 - 00000000 ____D () C:\Qoobox
2014-06-20 18:32 - 2011-11-02 21:15 - 00000000 ____D () C:\Users\XXXXX\AppData\Local\Apps\2.0
2014-06-20 18:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-20 18:31 - 2014-06-20 18:20 - 00000000 ____D () C:\Windows\erdnt
2014-06-20 18:30 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-20 18:05 - 2010-11-06 23:23 - 00000000 ____D () C:\Users\XXXXX\AppData\Roaming\Skype
2014-06-20 18:04 - 2012-05-09 00:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-20 18:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 17:56 - 2011-01-11 21:32 - 00000000 ____D () C:\Users\XXXXX\AppData\Local\TSVNCache
2014-06-20 17:53 - 2012-04-22 18:09 - 00000000 ____D () C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLimiter 3
2014-06-20 17:47 - 2011-09-01 23:16 - 00000000 ____D () C:\ProgramData\CyberLink
2014-06-20 15:01 - 2011-01-11 19:49 - 00000000 ____D () C:\Users\XXXXX\Documents\Visual Studio 2008
2014-06-20 14:56 - 2011-01-15 20:16 - 00000000 ____D () C:\Users\XXXXX\AppData\Roaming\VisualAssist
2014-06-20 14:55 - 2011-01-15 19:57 - 00000000 ____D () C:\Users\XXXXX\AppData\Local\VisualAssist
2014-06-20 14:18 - 2009-07-14 06:45 - 00319592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-20 14:17 - 2011-01-13 19:32 - 00081694 _____ () C:\Windows\PFRO.log
2014-06-20 03:44 - 2014-06-20 00:34 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 03:40 - 2011-01-11 19:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-20 03:34 - 2011-01-11 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-06-20 03:32 - 2011-01-11 20:02 - 01626404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-20 03:32 - 2009-07-14 19:58 - 00749328 _____ () C:\Windows\system32\perfh007.dat
2014-06-20 03:32 - 2009-07-14 19:58 - 00169602 _____ () C:\Windows\system32\perfc007.dat
2014-06-20 03:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2014-06-20 03:30 - 2014-06-20 03:30 - 00000000 __SHD () C:\Windows\SysWOW64\%APPDATA%
2014-06-20 03:28 - 2014-06-20 03:28 - 01781224 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-06-20 03:27 - 2012-05-13 18:15 - 00008947 _____ () C:\Windows\IE9_main.log
2014-06-20 03:26 - 2009-07-14 07:13 - 00077818 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-20 03:02 - 2014-06-20 03:02 - 00000000 __SHD () C:\Windows\system32\%APPDATA%
2014-06-20 01:16 - 2011-06-22 21:03 - 00000000 ____D () C:\Users\XXXXX\AppData\Roaming\vlc
2014-06-20 00:36 - 2014-06-20 00:36 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-20 00:35 - 2014-06-20 00:35 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-06-20 00:34 - 2014-06-20 00:34 - 00001053 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 00:34 - 2014-06-20 00:34 - 00001053 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 00:34 - 2014-06-20 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-19 23:44 - 2014-06-19 23:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-19 23:30 - 2014-06-19 23:30 - 00000802 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-19 23:30 - 2014-06-19 23:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-19 23:30 - 2014-06-19 23:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-19 23:19 - 2013-12-10 00:03 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-19 23:18 - 2014-06-19 23:17 - 00000000 ____D () C:\OETemp
2014-06-19 23:07 - 2014-06-19 23:07 - 00000000 ____D () C:\Users\XXXXX\AppData\Roaming\JAM Software
2014-06-19 23:07 - 2014-06-19 23:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2014-06-19 22:50 - 2012-03-10 18:42 - 00000000 ____D () C:\Fraps
2014-06-12 18:38 - 2012-05-02 23:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 20:04 - 2014-06-11 20:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 20:37 - 2014-06-10 20:37 - 00001535 _____ () C:\Users\XXXXX\Documents\Ungefähre Liste.txt
2014-06-09 18:07 - 2014-06-09 17:09 - 00004891 _____ () C:\Users\XXXXX\Desktop\ai research notes.txt
2014-05-28 22:00 - 2014-05-28 21:57 - 00000568 __RSH () C:\Users\XXXXX\ntuser.pol
2014-05-28 21:56 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-27 18:59 - 2014-05-27 18:59 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-27 18:59 - 2014-05-27 18:59 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-27 18:59 - 2011-01-12 20:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-05-27 18:59 - 2011-01-12 20:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-26 19:49 - 2014-05-15 19:40 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-05-26 18:41 - 2010-11-06 23:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-26 18:41 - 2010-11-06 23:23 - 00000000 ____D () C:\ProgramData\Skype
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-08 00:09
==================== End Of Log ============================
--- --- ---
Additional: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2014
Ran by XXXXX at 2014-06-20 19:45:00
Running from D:\Data\Downloadz
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AGEIA GAME System Software 2.8.0 (HKLM-x32\...\{5C9530C0-957F-4CC4-ADA9-A7195BD9394C}) (Version: 2.8.0 - AGEIA Technologies, Inc.)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1701BD02-09B9-B25B-8290-C7D6A33C5A75}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD USB Filter Driver (x32 Version: 1.0.15.94 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield 3™ Open Beta (HKLM-x32\...\{45C8D17D-B5E0-4e93-8370-4329AB16D2A0}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 1.138.0 - EA Digital Illusions CE AB)
BF3CC (HKCU\...\af8063ee51cc0619) (Version: 0.3.0.25 - i3D)
Blockade Runner (HKLM-x32\...\Blockade Runner0.71.0c) (Version: 0.71.0c - ZanMgt)
Boost Package 1_42_0 (HKLM-x32\...\Boost_0) (Version: 1_42_0 - Gordon Taft)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
Cities XL 2012 (HKLM-x32\...\Steam App 201760) (Version: - )
CMake 2.8, a cross-platform, open-source build system (HKLM-x32\...\CMake 2.8.11.1) (Version: 2.8.11.1 - Kitware)
Crystal Reports Basic for Visual Studio 2008 (HKLM-x32\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic German Language Pack for Visual Studio 2008 (HKLM-x32\...\{3924C3E7-C440-4B23-9740-9A9EC0545F21}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (HKLM\...\{1D5F34D0-6329-4D92-B81A-E24E9028910C}) (Version: 10.5.0.0 - Business Objects)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3721 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 7.0.3721 - CyberLink Corp.) Hidden
CyberLink InstantBurn (HKLM-x32\...\{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}) (Version: 5.0.6210 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3418 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3418 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1423 - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.0.1423 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3518.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0315.0262 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{6BDEB2BD-7C8B-4734-9E2F-E9EDC9D6C844}) (Version: - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.7.14633 - Blizzard Entertainment)
doxygen 1.8.2 (HKLM\...\doxygen_is1) (Version: 1.8.2 - Dimitri van Heesch)
eBay .NET SDK v747 Full Release (HKLM-x32\...\{A7EE19F8-2159-4313-831C-CB35967BC7E5}) (Version: 2.0.0 - eBay)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.0) (Version: 0.70.0 - ESN Social Software AB)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Download Manager 3.0 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
General Downloader version 1.2.14.22654 (HKLM-x32\...\{414C790F-E24E-461B-983A-2AD84474DE4A}_is1) (Version: 1.2.14.22654 - )
GIF Viewer (HKLM-x32\...\GIF Viewer) (Version: - )
Git version 1.8.0-preview20121022 (HKLM-x32\...\Git_is1) (Version: 1.8.0-preview20121022 - The Git Development Community)
GLEAMviz Simulator v4 - Public Edition (HKLM-x32\...\org.gleamviz.simulator-v4-pe) (Version: 4.2.01 - UNKNOWN)
GLEAMviz Simulator v4 - Public Edition (x32 Version: 4.2.01 - UNKNOWN) Hidden
GnuWin32: Bison-2.4.1 (HKLM-x32\...\Bison-2.4.1_is1) (Version: 2.4.1 - GnuWin32)
Golems (HKLM-x32\...\Golems) (Version: 0.56.0 - Sam Bayless)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.57.5189 - Gretech Corporation)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Haufe iDesk-Browser (HKLM-x32\...\{0F32914F-A633-4516-B531-7084C8F19F93}) (Version: 10.10.14.0000 - Haufe-Lexware GmbH & Co. KG)
HHD Software Hex Editor Neo 4.97 (HKCU\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 4.97.2.3667 - HHD Software, Ltd.)
Hotfix für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB971091) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB971091) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB973674) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB973674) (Version: 1 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.260 - Oracle)
Java(TM) 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)
Java(TM) SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
K-Lite Codec Pack 7.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.7.0 - )
Kong version 1.1.0 (HKLM-x32\...\Kong_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lexware Info Service (HKLM-x32\...\{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}) (Version: 2.70.00.0081 - Haufe-Lexware GmbH & Co.KG)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios AB)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{B1060346-9388-4C5B-AA52-176C39819E43}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{72CCBEA1-8D57-4981-A337-81019F28C5BA}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Device Emulator (64 Bit) Version 3.0 - DEU (HKLM\...\{7ECA1AEA-2B61-3DE6-8276-6A9A2693F111}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft DirectX SDK (June 2010) (HKLM-x32\...\Microsoft DirectX SDK (June 2010)) (Version: 9.29.1962.0 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2008 Language Pack - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer 2007 (x32 Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 DEU (HKLM-x32\...\{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices DEU (HKLM-x32\...\{1C3ADB5F-750E-4453-AC98-B75C5323845C}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime Language Pack (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Professional Edition - DEU (HKLM-x32\...\Microsoft Visual Studio 2008 Professional Edition - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger - DEU (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{AC888A60-9557-3B74-B52B-F353D01BD544}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{9aa5f39c-a8de-46b0-919a-0248f8bc8490}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{62EED300-E841-4083-A1D6-60B906271804}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{A992BBAA-723D-4574-A07F-983BF8FAA3E1}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.1 (HKLM-x32\...\{34A153FE-6926-4C14-B48A-B71E68C672A8}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MySQL Workbench 5.2 CE (HKLM-x32\...\{48A9B9DD-66B9-4846-AA7C-825A5729B643}) (Version: 5.2.47 - Oracle Corporation)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
NetLimiter 3 (HKLM\...\{913923AB-3AAB-4870-8910-627C4CD82789}) (Version: 3.0.0.11 - Locktime Software s.r.o.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.2 - )
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Operation Flashpoint: Dragon Rising (HKLM-x32\...\Steam App 12830) (Version: - Codemasters Studios)
Operation Flashpoint: Red River (HKLM-x32\...\Steam App 44340) (Version: - Codemasters Action Studio)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version: - www.orbitdownloader.com)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.7.9 - )
pidgin-otr 3.2.0-1 (HKLM-x32\...\pidgin-otr) (Version: 3.2.0-1 - Cypherpunks CA)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Prelude@# v.0.9.6 (HKLM-x32\...\Prelude@#) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickSteuer Wissens-Center 2011 (HKLM-x32\...\{939FF87B-4ADE-4CB3-A363-153984CD4A49}) (Version: 17.10.0.0 - Haufe-Lexware GmbH & Co. KG)
Rapid Environment Editor (HKLM-x32\...\RapidEE) (Version: 6.1.0.786 - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
Sanctum (HKLM-x32\...\Steam App 91600) (Version: - )
Sandboxie 3.62 (64-bit) (HKLM\...\Sandboxie) (Version: 3.62 - SANDBOXIE L.T.D)
SDM 1.11 (HKLM-x32\...\SDM_is1) (Version: 1.11 - Sebastian Nagel)
Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
SweetPacks bundle uninstaller (HKLM-x32\...\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}) (Version: 1.0.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Lord of the Rings FREE Trial (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Tools für Microsoft SQL Server 2005 Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
TortoiseGit 1.8.0.0 (64 bit) (HKLM\...\{03F31A76-CC8D-4C2A-BF70-0B4337119821}) (Version: 1.8.0.0 - TortoiseGit)
TortoiseSVN 1.6.12.20536 (64 bit) (HKLM\...\{818AA386-29D5-4DFF-BBB5-3F16133F1409}) (Version: 1.6.20536 - TortoiseSVN)
TreeSize Free V3.0.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.0.1 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1 - TrueCrypt Foundation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIO_{007CC0F3-15DE-426D-95B5-B019FCEF58CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIO_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.VISIO_{D1688F5A-9A61-42F0-B8D0-2C9DF315A141}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIO_{BEBC2484-290C-46AD-9834-6DAD1FA80273}) (Version: - Microsoft)
Update für Microsoft Visual Studio 2008 Professional Edition - DEU (KBKB972221) (HKLM-x32\...\{445174EA-3D3A-308E-84AD-446127E71441}.KB972221) (Version: 1 - Microsoft Corporation)
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Assist X (HKLM-x32\...\Visual Assist X) (Version: - Whole Tomato Software, Inc.)
Visual Leak Detector 2.2.3 (HKLM-x32\...\Visual Leak Detector) (Version: 2.2.3 - VLD Team)
Visual Studio .NET Prerequisites - English (HKLM\...\{ACD875CC-A146-3125-8F99-D3766F46FD86}) (Version: 9.0.21022 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Visual Studio-Tools für Office System 3.0 Runtime Language Pack - DEU (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime Language Pack - DEU) (Version: - Microsoft Corporation)
VisualSVN Server 2.5.0 (HKLM-x32\...\{D79B2856-B662-4EE8-8B95-1A20D21B3C65}) (Version: 2.5.0.0 - VisualSVN Ltd.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VPNTunnel 1.0.0.0 (HKLM-x32\...\VPNTunnel) (Version: 1.0.0.0 - )
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-2 - Wacom Technology Corp.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.5-3 - Wacom Technology Corp.)
Warhammer 40,000: Space Marine Demo (HKLM-x32\...\Steam App 55410) (Version: - )
Warsow 0.61 (HKLM-x32\...\{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1) (Version: 0.61 - Chasseur de bots)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM-x32\...\{721B5CF0-D220-4955-BB6F-EBCFB1096DE7}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM-x32\...\{DA7F48EF-5F56-45FE-9169-3B8159A7A323}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 4.3.4.15595 - Blizzard Entertainment)
x64crt (HKLM\...\{143CC532-8A89-4D56-8F91-F1AFF6244FE3}) (Version: 1.0.0 - Microsoft)
x86crt (HKLM-x32\...\{50CBA9D7-4A12-44CA-8E75-9FD7374FBD12}) (Version: 1.0.0 - Microsoft)
YaCy (HKCU\...\YaCy) (Version: - )
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-06-20 18:30 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {14155E1D-6466-44FB-AB0C-52AE66BA9F2F} - System32\Tasks\{3D57BC33-6BE7-4D79-AD78-03962A895338} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {190F0E40-EF8D-44E4-9F34-7A750B3D8BD7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-20] (Adobe Systems Incorporated)
Task: {1BCD8EA8-2850-4E9C-A779-E01A3E750B0B} - System32\Tasks\Herunterfahren => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {330FAA11-24A8-4777-807B-FEE0AB490E38} - System32\Tasks\{B1890DC8-97EB-45AD-B66C-C62FF6560071} => C:\Program Files (x86)\PreludeSharp\preLude.exe [2009-11-28] ()
Task: {51351AAF-8F36-4AF1-A13F-B24C54BFAA65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-09] (Google Inc.)
Task: {57C7B773-3FA4-4D97-81AB-C27973ED5B32} - System32\Tasks\{B874AF6A-C921-4809-9841-BBEFD7CAB70F} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/en/abandoninstall?page=tsMain
Task: {720DDF4D-962B-4FCE-BF7A-779A74D39BD5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => D:\Data\Toolz\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {893EFD81-A6AE-48EF-9473-8BC9597942D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {9A31A067-32B4-4ECE-9357-78D542383E48} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => D:\Data\Toolz\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {A002C06E-54E1-43AD-90D9-2230C15C86D3} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {AE230FA0-99F0-4AE9-B759-A2E2DABCE839} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-09] (Google Inc.)
Task: {F13E8BDD-4FA3-4795-9C7F-58944841CF83} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => D:\Data\Toolz\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-12-19 17:32 - 2012-12-19 17:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-17 20:39 - 2012-10-17 20:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2010-12-11 18:15 - 2012-04-01 01:36 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-01-10 15:41 - 2014-03-14 00:15 - 00567880 _____ () D:\Data\Toolz\puush\puush.exe
2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2012-12-19 17:32 - 2012-12-19 17:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-03 19:45 - 2013-12-17 03:17 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-04-03 19:42 - 2013-02-08 20:37 - 01185080 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-01-27 20:11 - 2013-01-27 20:11 - 00542360 _____ () D:\Data\Toolz\Tortoise GIT\bin\libgit2.dll
2013-01-27 20:11 - 2013-01-27 20:11 - 00087192 _____ () D:\Data\Toolz\Tortoise GIT\bin\zlib1.dll
2010-10-24 19:10 - 2010-03-15 11:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 00301568 _____ () D:\Programs\Notepad++\NppShell_04.dll
2014-06-20 19:32 - 2014-06-20 19:32 - 00050477 _____ () D:\Data\Downloadz\Defogger.exe
2013-01-27 20:01 - 2013-01-27 20:01 - 00413336 _____ () D:\Data\Toolz\Tortoise GIT\bin\libgit232.dll
2013-01-27 20:01 - 2013-01-27 20:01 - 00075928 _____ () D:\Data\Toolz\Tortoise GIT\bin\zlib132.dll
2012-10-16 11:39 - 2012-10-16 11:39 - 00060504 _____ () C:\Program Files (x86)\Bamboo Dock\BambooWinTab.dll
2014-06-20 00:34 - 2014-04-25 14:11 - 00109400 _____ () D:\Data\Toolz\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-20 00:34 - 2014-04-25 14:11 - 00416600 _____ () D:\Data\Toolz\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-20 00:34 - 2014-04-25 14:11 - 00167768 _____ () D:\Data\Toolz\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-20 00:34 - 2012-08-23 10:38 - 00574840 _____ () D:\Data\Toolz\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-20 00:34 - 2012-04-03 17:06 - 00565640 _____ () D:\Data\Toolz\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-07-18 23:07 - 2011-07-18 23:07 - 01563648 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2014-06-11 20:04 - 2014-06-11 20:04 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: NetBalancerService => 2
MSCONFIG\startupfolder: C:^Users^XXXXX^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SDM-Autostart.lnk => C:\Windows\pss\SDM-Autostart.lnk.Startup
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer => "H:\f!3rce\Progz\Cyberlink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Free Download Manager => C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: InstantBurn => H:\f!3rce\Progz\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
MSCONFIG\startupreg: LexwareInfoService => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe /autostart
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: NetLimiter => D:\Data\Toolz\NetLimiter\NLClientApp.exe /tray
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: RemoteControl9 => H:\f!3rce\Progz\Cyberlink\PowerDVD9\PDVD9Serv.exe
MSCONFIG\startupreg: RGSC => D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: UpdatePSTShortCut => "H:\f!3rce\Progz\Cyberlink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "H:\f!3rce\Progz\Cyberlink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
==================== Faulty Device Manager Devices =============
Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: nltdi
Description: nltdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nltdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/20/2014 07:41:35 PM) (Source: ESENT) (EventID: 428) (User: )
Description: wuaueng.dll (1004) SUS20ClientDataStore: Das Datenbankmodul kann keine Aktualisierungen akzeptieren, weil die Festplatte, auf der sich die Protokolldatei der Datenbank befindet, über zu wenig freien Speicherplatz verfügt .
Error: (06/20/2014 07:41:28 PM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1004) SUS20ClientDataStore: Versuch, in Datei "C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log" bei Offset 0 (0x0000000000000000) für 393216 (0x00060000) Bytes zu schreiben, ist nach wuaueng.dll0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.
Error: (06/20/2014 07:41:24 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden.
Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000134,0x00560034,0000000000355000,0,0000000000353FF0,4096,[0]).
Vorgang:
PreFinalCommitSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (06/20/2014 07:34:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
Error: (06/20/2014 07:29:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
Error: (06/20/2014 07:24:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
Error: (06/20/2014 07:19:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
Error: (06/20/2014 07:09:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
Error: (06/20/2014 06:49:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
Error: (06/20/2014 06:44:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
.
System errors:
=============
Error: (06/20/2014 07:37:16 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DHCP-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/20/2014 07:35:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sicherheitscenter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/20/2014 07:35:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/20/2014 07:35:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/20/2014 07:35:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Ereignisprotokoll" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/20/2014 07:35:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DHCP-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/20/2014 07:35:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Audio" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/20/2014 06:36:21 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (06/20/2014 06:30:16 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/20/2014 06:29:31 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Microsoft Office Sessions:
=========================
Error: (06/20/2014 07:41:35 PM) (Source: ESENT) (EventID: 428) (User: )
Description: wuaueng.dll1004SUS20ClientDataStore:
Error: (06/20/2014 07:41:28 PM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll1004SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log0 (0x0000000000000000)393216 (0x00060000)-1808 (0xfffff8f0)112 (0x00000070)Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. 0
Error: (06/20/2014 07:41:24 PM) (Source: VSS) (EventID: 12305) (User: )
Description: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 - 0000000000000134,0x00560034,0000000000355000,0,0000000000353FF0,4096,[0])
Vorgang:
PreFinalCommitSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (06/20/2014 07:34:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Error: (06/20/2014 07:29:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Error: (06/20/2014 07:24:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Error: (06/20/2014 07:19:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Error: (06/20/2014 07:09:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Error: (06/20/2014 06:49:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Error: (06/20/2014 06:44:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEs steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
CodeIntegrity Errors:
===================================
Date: 2014-06-20 18:29:31.223
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-20 18:29:31.192
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:57.843
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:57.838
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:56.644
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:56.634
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:55.622
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:55.612
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:54.600
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-10-30 01:23:54.598
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Data\Toolz\RivaTuner\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 74%
Total physical RAM: 4094.18 MB
Available physical RAM: 1030.11 MB
Total Pagefile: 8186.51 MB
Available Pagefile: 4651.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (Win7 System) (Fixed) (Total:29.3 GB) (Free:0 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten1) (Fixed) (Total:407.15 GB) (Free:27.16 GB) NTFS
Drive e: (XP System) (Fixed) (Total:29.3 GB) (Free:11.09 GB) NTFS
Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (Daten4) (Fixed) (Total:76.33 GB) (Free:21.66 GB) NTFS
Drive i: (Daten3) (Fixed) (Total:104.79 GB) (Free:104.54 GB) NTFS
Drive j: (Daten2) (Fixed) (Total:127.99 GB) (Free:60.74 GB) NTFS
Drive o: (Daten5) (Fixed) (Total:256.32 GB) (Free:255.81 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 471850F4)
Partition 1: (Not Active) - (Size=29 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=29 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=407 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 76 GB) (Disk ID: BFD65681)
Partition 1: (Active) - (Size=76 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=0) - (Type=0E)
========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 69460369)
Partition 1: (Not Active) - (Size=466 GB) - (Type=OF Extended)
========================================================
Disk: 3 (Size: 233 GB) (Disk ID: CEE5CEE5)
Partition 1: (Not Active) - (Size=128 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=105 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
WARNUNG an die MITLESER: 
