FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2014 01
Ran by Christian (administrator) on CHRISTIAN-HP on 29-01-2014 13:42:35
Running from C:\Users\Christian\Downloads
Microsoft Windows 7 Home Premium (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\stacsv.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\AEstSrv.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\ProgramData\DatacardService\DCService.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ArcSoft, Inc.) C:\Windows\System32\uArcCapture.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(SAMSUNG ELECTRONICS) C:\Program Files\Samsung\EmoDio\SMSTray.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files\WISO\Steuersoftware 2013\mshaktuell.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [QLBController] - C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-25] (Intel Corporation)
HKLM\...\Run: [PDF Complete] - C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete Inc)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-12-11] (Synaptics Incorporated)
HKLM\...\Run: [File Sanitizer] - C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [DTRun] - c:\Program Files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-19] (ArcSoft Inc.)
HKLM\...\Run: [NortonOnlineBackupReminder] - C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM\...\Run: [MVS Splash] - C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
HKLM\...\Run: [McAfee Managed Services Tray] - C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-08-23] (Hewlett-Packard Company)
HKLM\...\Run: [SMSTray] - C:\Program Files\Samsung\EmoDio\SMSTray.exe [479232 2009-04-16] (SAMSUNG ELECTRONICS)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [PDFPrint] - C:\Program Files\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP: C:\windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKCU\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1685048 2009-09-29] (Hewlett-Packard)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
MountPoints2: D - D:\AutoRun.exe
MountPoints2: {5092e080-ec3c-11df-b2c6-70f395968e11} - E:\AutoRun.exe
MountPoints2: {9c6c77cf-ec8a-11df-b264-70f395968e11} - D:\AutoRun.exe
MountPoints2: {d547ddae-442e-11e0-ab15-b50cd61f87e1} - D:\AutoRun.exe
MountPoints2: {d547ddbf-442e-11e0-ab15-b50cd61f87e1} - D:\AutoRun.exe
MountPoints2: {d547ddcc-442e-11e0-ab15-b50cd61f87e1} - D:\AutoRun.exe
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2009-09-29] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2009-09-29] (Hewlett-Packard)
Lsa: [Notification Packages] DPPassFilter scecli
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKCU - DefaultScope {CCFB13CE-415E-465D-9688-2238E53FF768} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {CCFB13CE-415E-465D-9688-2238E53FF768} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\myRmProt4.9.2.358.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{29CEFDAD-328F-4B5A-B857-8644E6A2CE68}: [NameServer]193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{5103ADF2-F77B-4A6C-AF23-BE65A6C84596}: [NameServer]193.189.244.225 193.189.244.206
FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\nxq855lf.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\nxq855lf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-27]
FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2013-12-15]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2013-12-15]
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []
FF HKLM\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM\...\Firefox\Extensions: - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2013-10-02]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2013-10-02]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2013-10-02]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2013-10-02]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2013-10-02]
========================== Services (Whitelisted) =================
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft Inc.)
R2 avp; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-02] (Kaspersky Lab ZAO)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] ()
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808 2009-11-25] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd)
R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [103992 2010-08-23] (Hewlett-Packard Company)
R2 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-18] (Hewlett-Packard Development Company, L.P)
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-21] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company)
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-02-01] (McAfee, Inc.)
R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete Inc)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [229458 2010-03-17] (IDT, Inc.)
R2 uArcCapture; C:\windows\system32\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
S2 vcsFPService; C:\windows\system32\vcsFPService.exe [1664304 2010-02-18] (Validity Sensors, Inc.)
S2 EngineServer; C:\PROGRA~1\McAfee\MANAGE~1\VScan\ENGINE~1.EXE [x]
S4 myAgtSvc; "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart [x]
==================== Drivers (Whitelisted) ====================
R3 Afc; C:\windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [29824 2009-12-04] (ArcSoft, Inc.)
S3 btwampfl; C:\windows\System32\drivers\btwampfl.sys [286248 2010-03-18] (Broadcom Corporation.)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv.sys [32312 2009-10-21] (Hewlett-Packard Development Company L.P.)
R0 KL1; C:\windows\System32\DRIVERS\kl1.sys [135776 2013-11-07] (Kaspersky Lab ZAO)
S4 klflt; C:\windows\System32\DRIVERS\klflt.sys [94304 2013-06-08] (Kaspersky Lab ZAO)
R1 KLIF; C:\windows\System32\DRIVERS\klif.sys [574560 2013-12-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\windows\System32\DRIVERS\klim6.sys [25696 2013-10-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-02] (Kaspersky Lab ZAO)
R3 klmouflt; C:\windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-02] (Kaspersky Lab ZAO)
R1 klpd; C:\windows\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\windows\System32\DRIVERS\kltdi.sys [45024 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\windows\System32\DRIVERS\kneps.sys [144992 2013-12-19] (Kaspersky Lab ZAO)
R1 mfetdik; C:\windows\System32\drivers\mfetdik.sys [55336 2009-05-15] (McAfee, Inc.)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [40088 2010-02-01] (McAfee, Inc.)
R3 rtsuvc; C:\windows\System32\DRIVERS\rtsuvc.sys [73344 2009-12-22] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [110520 2010-02-01] ()
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51800 2010-02-01] (McAfee, Inc.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [13256 2010-02-01] (McAfee, Inc.)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-29 13:42 - 2014-01-29 13:43 - 00018970 _____ C:\Users\Christian\Downloads\FRST.txt
2014-01-29 13:42 - 2014-01-29 13:42 - 00000000 ____D C:\FRST
2014-01-29 13:41 - 2014-01-29 13:41 - 01137152 _____ (Farbar) C:\Users\Christian\Downloads\FRST.exe
2014-01-29 10:28 - 2014-01-29 10:28 - 00139574 _____ C:\Users\Christian\Downloads\review-525121690000c710190cd759.html
2014-01-29 10:28 - 2014-01-29 10:28 - 00119145 _____ C:\Users\Christian\Downloads\review-4cbc15e20000c7100c9055f0.html
2014-01-26 12:47 - 2014-01-26 12:47 - 00007412 _____ C:\Users\Christian\Downloads\Als Garret am nächsten Morgen die Augen öffnete bot sich ihm ein Anblick.odt
2014-01-25 17:00 - 2014-01-25 17:57 - 00000000 ____D C:\Users\Christian\Downloads\JOSH
2014-01-25 09:46 - 2014-01-25 09:46 - 377048578 _____ C:\windows\MEMORY.DMP
2014-01-25 09:46 - 2014-01-25 09:46 - 00167704 _____ C:\windows\Minidump\012514-21138-01.dmp
2014-01-25 09:46 - 2014-01-25 09:46 - 00000000 ____D C:\windows\Minidump
2014-01-15 16:47 - 2014-01-29 10:14 - 00000000 ____D C:\Users\Christian\Downloads\Musical
==================== One Month Modified Files and Folders =======
2014-01-29 13:43 - 2014-01-29 13:42 - 00018970 _____ C:\Users\Christian\Downloads\FRST.txt
2014-01-29 13:43 - 2012-07-21 08:07 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2014-01-29 13:42 - 2014-01-29 13:42 - 00000000 ____D C:\FRST
2014-01-29 13:41 - 2014-01-29 13:41 - 01137152 _____ (Farbar) C:\Users\Christian\Downloads\FRST.exe
2014-01-29 13:38 - 2010-09-02 16:51 - 01738091 _____ C:\windows\WindowsUpdate.log
2014-01-29 13:35 - 2012-05-29 17:22 - 00000000 ____D C:\Users\Christian\Documents\Mein Steuer-Sparbuch Heute
2014-01-29 13:35 - 2010-11-10 09:25 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-29 13:35 - 2010-06-06 19:36 - 00000000 ____D C:\ProgramData\HPQLOG
2014-01-29 13:35 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2014-01-29 13:35 - 2009-07-14 05:39 - 00111391 _____ C:\windows\setupact.log
2014-01-29 10:28 - 2014-01-29 10:28 - 00139574 _____ C:\Users\Christian\Downloads\review-525121690000c710190cd759.html
2014-01-29 10:28 - 2014-01-29 10:28 - 00119145 _____ C:\Users\Christian\Downloads\review-4cbc15e20000c7100c9055f0.html
2014-01-29 10:14 - 2014-01-15 16:47 - 00000000 ____D C:\Users\Christian\Downloads\Musical
2014-01-29 10:09 - 2013-10-09 09:02 - 00000000 ____D C:\Users\Christian\Downloads\alles um EE
2014-01-29 10:07 - 2010-06-06 19:55 - 00691192 _____ C:\windows\system32\perfh013.dat
2014-01-29 10:07 - 2010-06-06 19:55 - 00132940 _____ C:\windows\system32\perfc013.dat
2014-01-29 10:07 - 2010-06-06 19:51 - 00689108 _____ C:\windows\system32\perfh010.dat
2014-01-29 10:07 - 2010-06-06 19:51 - 00127144 _____ C:\windows\system32\perfc010.dat
2014-01-29 10:07 - 2010-06-06 19:23 - 03959902 _____ C:\windows\system32\PerfStringBackup.INI
2014-01-29 09:13 - 2010-11-10 09:31 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2014-01-29 09:01 - 2009-07-14 05:34 - 00019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-29 09:01 - 2009-07-14 05:34 - 00019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 07:51 - 2010-06-06 19:36 - 00000000 ____D C:\ProgramData\PDFC
2014-01-26 13:13 - 2011-05-10 12:39 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2014-01-26 12:47 - 2014-01-26 12:47 - 00007412 _____ C:\Users\Christian\Downloads\Als Garret am nächsten Morgen die Augen öffnete bot sich ihm ein Anblick.odt
2014-01-25 17:57 - 2014-01-25 17:00 - 00000000 ____D C:\Users\Christian\Downloads\JOSH
2014-01-25 09:46 - 2014-01-25 09:46 - 377048578 _____ C:\windows\MEMORY.DMP
2014-01-25 09:46 - 2014-01-25 09:46 - 00167704 _____ C:\windows\Minidump\012514-21138-01.dmp
2014-01-25 09:46 - 2014-01-25 09:46 - 00000000 ____D C:\windows\Minidump
2014-01-15 16:55 - 2013-07-25 20:05 - 00000000 ____D C:\windows\system32\MRT
2014-01-15 16:55 - 2010-11-09 21:11 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 16:52 - 2010-11-21 14:21 - 83425928 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-01-13 21:02 - 2013-12-15 17:35 - 00000000 ____D C:\Users\Christian\Downloads\Detektei
2014-01-13 17:52 - 2013-10-09 09:00 - 00000000 ____D C:\Users\Christian\Downloads\Spirit Of Time
2014-01-07 09:34 - 2011-03-08 19:59 - 00000000 ____D C:\Users\Christian\Claudis_Castle
Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\autorun.dll
C:\Users\Christian\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Christian\AppData\Local\Temp\Extract.exe
C:\Users\Christian\AppData\Local\Temp\HPQSi.exe
C:\Users\Christian\AppData\Local\Temp\mgxfonts.exe
C:\Users\Christian\AppData\Local\Temp\MgxVistaTools.dll
C:\Users\Christian\AppData\Local\Temp\ResetDevice.exe
C:\Users\Christian\AppData\Local\Temp\setupa2.exe
C:\Users\Christian\AppData\Local\Temp\SetupAC.exe
C:\Users\Christian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Christian\AppData\Local\Temp\SP47594.exe
C:\Users\Christian\AppData\Local\Temp\SP48064.exe
C:\Users\Christian\AppData\Local\Temp\SP49408.exe
C:\Users\Christian\AppData\Local\Temp\SP49415.exe
C:\Users\Christian\AppData\Local\Temp\SP49458.exe
C:\Users\Christian\AppData\Local\Temp\SP49638.exe
C:\Users\Christian\AppData\Local\Temp\SP50188.exe
C:\Users\Christian\AppData\Local\Temp\SP50286.exe
C:\Users\Christian\AppData\Local\Temp\SP50291.exe
C:\Users\Christian\AppData\Local\Temp\sp50843.exe.exe
C:\Users\Christian\AppData\Local\Temp\SP51129.exe
C:\Users\Christian\AppData\Local\Temp\sp52110.exe.exe
C:\Users\Christian\AppData\Local\Temp\UninstallHPTCA.exe
==================== Bamital & volsnap Check =================
C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-19 14:27
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
[/CODE] Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2014 01
Ran by Christian at 2014-01-29 13:43:50
Running from C:\Users\Christian\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
3MobileWiFi (Version: 15.001.06.02.156 - Huawei Technologies Co.,Ltd)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (Version: - )
ArcSoft TotalMedia (Version: 1.0.23.24 - ArcSoft)
ArcSoft TotalMedia (Version: 1.0.40.24 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (Version: 1.0.0.26 - ArcSoft)
Atheros Driver Installation Program (Version: 5.2 - Atheros)
Audials (Version: 8.0.28919.1900 - RapidSolution Software AG)
Audials TV (Version: 1.3.10803.300 - RapidSolution Software AG)
Bing Bar (Version: 7.3.124.0 - Microsoft Corporation)
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.4000 - Broadcom Corporation)
CheckerBoard 1.72 (Version: - Martin Fierz)
ContentSAFER for Wizmax (Version: - )
Corel Home Office - CS Templates (Version: 5.4.5 - 公司名称) Hidden
Corel Home Office - CT Templates (Version: 5.4.5 - 您的公司名稱) Hidden
Corel Home Office - IPM (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office - JP Templates (Version: 5.4.5 - 会社名) Hidden
Corel Home Office - KR Templates (Version: 5.4.5 - 회사명) Hidden
Corel Home Office - Launcher (Version: 5.5 - Corel Corporation) Hidden
Corel Home Office - Templates RU (Version: 5.4.5 - Название организации) Hidden
Corel Home Office - Templates1 (Version: 5.4.5 - Your Company Name) Hidden
Corel Home Office (Version: 5.0.69.462 - Corel Corporation)
Corel Home Office (Version: 5.5 - Corel Corporation) Hidden
Device Access Manager for HP ProtectTools (Version: 5.0.1.5 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.6.0 - Hewlett-Packard) Hidden
eJay DJ Mixstation 4 (Version: - Yelsi AG)
EmoDio (Version: 1.0 - SAMSUNG)
EmoDio (Version: 1.0 - SAMSUNG) Hidden
Face Recognition for HP ProtectTools (Version: 2.02.4007 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (Version: 5.0.1.2 - Hewlett-Packard)
HP 3D DriveGuard (Version: 4.0.4.1 - Hewlett-Packard)
HP Advisor (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Customer Experience Enhancements (Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP ESU for Microsoft Windows 7 (Version: 1.1.3.1 - Hewlett-Packard Company)
HP HotKey Support (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Power Assistant (Version: 1.0.11.0 - Hewlett-Packard Company)
HP Power Data (Version: 1.0.35.187 - Hewlett-Packard Company)
HP ProtectTools Security Manager (Version: 5.03.637 - Hewlett-Packard)
HP ProtectTools Security Manager (Version: 5.03.637 - Hewlett-Packard) Hidden
HP QuickLook (Version: 3.3.1.2 - Hewlett-Packard Company)
HP QuickWeb (Version: 1.0.1.69 - DeviceVM, Inc.)
HP Setup (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (Version: 3.5.20.1 - Hewlett-Packard Company)
HP Software Setup (Version: 7.0.1.9 - Hewlett-Packard Company)
HP Support Assistant (Version: 5.1.10.7 - Hewlett-Packard Company)
HP User Guides 0189 (Version: 1.01.0000 - Hewlett-Packard)
HP Webcam Driver (Version: 6.1.7600.0024 - Realtek Semiconductor Corp.)
HP Wireless Assistant (Version: 4.0.10.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
IDT Audio (Version: 1.0.6275.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2086 - Intel Corporation)
Intel(R) Management Engine Components (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
jose (Version: 1.3 - )
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LightScribe System Software (Version: 1.18.6.1 - LightScribe)
MAGIX Music Cleaning Lab 2008 deluxe 9.0.0.0 (D) (Version: 9.0.0.0 - MAGIX AG)
MAGIX PC Visit (Version: 4.3.6.1987 - MAGIX AG)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mobile Partner (Version: 16.002.03.03.511 - Huawei Technologies Co.,Ltd)
Moorhuhn Remake (Version: 1.00.0000 - )
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (Version: 1.2.20.0 - Symantec)
p.i.c.s. Spielesammlung (Version: - )
PDF Complete Special Edition (Version: 3.5.112 - PDF Complete, Inc)
PDF24 Creator 5.7.0 (Version: - PDF24.org)
PixiePack Codec Pack (Version: 1.1.1200.0 - None)
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (Version: 5.10.784 - Hewlett-Packard)
Radiotracker (Version: 6.2.13700.0 - RapidSolution Software AG)
Realtek Ethernet Controller All-In-One Windows Driver (Version: 1.12.0011 - Realtek)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Skype™ 6.11 (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (Version: 15.0.24.0 - Synaptics Incorporated)
Theft Recovery (Version: 5.1.0.18 - Hewlett-Packard)
Theft Recovery (Version: 5.1.0.18 - Hewlett-Packard) Hidden
UltraMixer 2.4.6 (Version: 2.4.6 - UltraMixer Digital Audio Solutions)
Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
Validity Fingerprint Driver (Version: 4.0.15.0 - Validity Sensors, Inc.)
Virtual DJ Home Edition - Atomix Productions (Version: - )
VLC media player 2.0.1 (Version: 2.0.1 - VideoLAN)
Windows 7 Default Setting (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Live Anmelde-Assistent (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation)
WinZip 12.0 (Version: 12.0.8252 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2012 (Version: 19.00.7303 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (Version: 20.00.8137 - Buhl Data Service GmbH)
==================== Restore Points =========================
27-12-2013 14:48:52 Sprachpaketdeinstallation
30-12-2013 15:06:08 Sprachpaketdeinstallation
31-12-2013 15:20:38 Sprachpaketdeinstallation
01-01-2014 13:30:29 Sprachpaketdeinstallation
05-01-2014 14:43:50 Sprachpaketdeinstallation
07-01-2014 16:39:45 Sprachpaketdeinstallation
15-01-2014 15:52:11 Windows Update
16-01-2014 11:36:08 Sprachpaketdeinstallation
19-01-2014 13:34:46 Sprachpaketdeinstallation
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {63436450-970A-4CD6-B477-569AAD6210EF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2010-02-11 21:47 - 2010-02-11 21:47 - 00636176 _____ () C:\windows\system32\SUPSDK.dll
2009-11-17 22:39 - 2009-11-17 22:39 - 00329272 _____ () C:\windows\system32\flcdlmsg.dll
2010-08-23 11:40 - 2010-08-23 11:40 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2010-08-23 11:40 - 2010-08-23 11:40 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-08-23 11:40 - 2010-08-23 11:40 - 00055864 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00061440 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00131072 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00018944 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00036864 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-09-29 23:25 - 2009-09-29 23:25 - 00007680 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2009-06-17 19:40 - 2009-06-17 19:40 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2009-06-17 19:40 - 2009-06-17 19:40 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2009-06-17 19:40 - 2009-06-17 19:40 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-03-09 20:06 - 2010-03-09 20:06 - 00132384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2013-05-20 11:15 - 2013-05-23 14:39 - 08926288 _____ () C:\Program Files\WISO\Steuersoftware 2013\wgui13.dll
2013-05-20 11:16 - 2013-05-23 14:41 - 00028672 _____ () C:\Program Files\WISO\Steuersoftware 2013\rsdcom48.dll
2013-05-20 11:16 - 2013-05-23 14:39 - 00308816 _____ () C:\Program Files\WISO\Steuersoftware 2013\rscorewinapi48.dll
2013-05-20 11:16 - 2013-05-23 14:39 - 00321104 _____ () C:\Program Files\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2013-05-20 11:15 - 2013-05-23 14:39 - 03001936 _____ () C:\Program Files\WISO\Steuersoftware 2013\wcore13.dll
2013-05-20 11:16 - 2013-05-23 14:41 - 00136272 _____ () C:\Program Files\WISO\Steuersoftware 2013\rsodbc48.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 02188880 _____ () C:\Program Files\WISO\Steuersoftware 2013\wfvie13.dll
2013-05-20 11:15 - 2013-05-23 14:39 - 01607760 _____ () C:\Program Files\WISO\Steuersoftware 2013\wsteu13.dll
2013-05-20 11:15 - 2013-05-23 14:39 - 01727056 _____ () C:\Program Files\WISO\Steuersoftware 2013\wreli13.dll
2013-05-20 11:15 - 2013-05-13 10:01 - 04157520 _____ () C:\Program Files\WISO\Steuersoftware 2013\wauff13.dll
2013-01-17 13:30 - 2013-03-15 15:09 - 01041408 _____ () C:\Program Files\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 13:30 - 2013-02-12 11:03 - 00094208 _____ () C:\Program Files\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 13:30 - 2013-02-12 11:03 - 00251392 _____ () C:\Program Files\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01496144 _____ () C:\Program Files\WISO\Steuersoftware 2013\wmain13.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 04948560 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae113.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01368144 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae213.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01748048 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae313.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01561680 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae413.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01146448 _____ () C:\Program Files\WISO\Steuersoftware 2013\whau113.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01226320 _____ () C:\Program Files\WISO\Steuersoftware 2013\whau213.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01305680 _____ () C:\Program Files\WISO\Steuersoftware 2013\wwerb13.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 06762064 _____ () C:\Program Files\WISO\Steuersoftware 2013\wkont13.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01245184 _____ () C:\Program Files\WISO\Steuersoftware 2013\wimp13.dll
2013-05-20 11:15 - 2013-05-23 14:41 - 01314384 _____ () C:\Program Files\WISO\Steuersoftware 2013\wfabu13.dll
2013-12-15 08:01 - 2013-12-15 08:01 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-07-21 14:33 - 2010-07-21 14:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/24/2014 01:59:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/19/2014 02:28:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "1, 2, 0, 17" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (01/19/2014 02:27:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/16/2014 00:30:05 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "1, 2, 0, 17" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (01/16/2014 00:28:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/13/2014 06:00:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x1118
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (01/13/2014 03:10:28 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "1, 2, 0, 17" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (01/13/2014 03:09:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (01/07/2014 03:56:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x968
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (01/07/2014 02:13:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "1, 2, 0, 17" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
System errors:
=============
Error: (01/29/2014 01:35:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/29/2014 08:54:33 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/28/2014 07:45:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/27/2014 03:49:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/27/2014 07:51:04 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/26/2014 00:30:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/26/2014 08:11:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/25/2014 06:05:58 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
Error: (01/25/2014 00:15:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/25/2014 09:46:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "EngineServer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-19 14:29:11.004
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:11.004
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:11.004
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.988
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.988
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.988
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.973
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.973
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.973
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-19 14:29:10.957
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 46%
Total physical RAM: 2927.43 MB
Available physical RAM: 1554.75 MB
Total Pagefile: 5853.14 MB
Available Pagefile: 3770.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1885.49 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:280.8 GB) (Free:165.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.49 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: FAE75564)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== End Of Log ============================
so, ich hoffe, ich habe alles richtig gemacht ;-) |
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.