Trojaner-Board - merkwürdige darstellung der google suchergebnisse-hab ich mir was eingefangen?

frst.txt:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 03

Ran by Frank (administrator) on FRANKS-PC on 03-02-2014 00:59:47

Running from C:\Users\Frank\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(DT Soft Ltd) E:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(DT Soft Ltd) E:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\klwtblfs.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546472 2011-11-03] (Realtek Semiconductor)

HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.)

HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)

HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-09-14] (Intel Corporation)

HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)

HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)

HKLM-x32\...\Run: [RoccatIsku] - C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2011-07-12] (ROCCAT GmbH)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)

HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-30] (Cisco Systems, Inc.)

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\Run: [DAEMON Tools Pro Agent] - E:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [839488 2011-03-18] (DT Soft Ltd)

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {16bdfbed-dc4c-11e1-962b-bc05430d710c} - F:\AOESETUP.EXE /autorun

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {457fdc17-dc71-11e1-8420-806e6f6e6963} - D:\.\Bin\ASSETUP.exe

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {668f8185-5e97-11e3-8037-c8600023ce94} - G:\LGAutoRun.exe

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {9fb7aff7-dc71-11e1-8b9f-f222293df807} - E:\pushinst.exe

Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk

ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
 

==================== Internet (Whitelisted) ====================
 

ProxyEnable: Internet Explorer proxy is enabled.

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA802006F4E70CD01

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)

BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default

FF Homepage: hxxp://www.mydtzone.com/startpage|chrome://branding/locale/browserconfig.properties

FF NetworkProxy: "ftp", "212.175.88.15"

FF NetworkProxy: "ftp_port", 8080

FF NetworkProxy: "http", "212.175.88.15"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "212.175.88.15"

FF NetworkProxy: "socks_port", 8080

FF NetworkProxy: "ssl", "212.175.88.15"

FF NetworkProxy: "ssl_port", 8080

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\searchplugins\daemon-search.xml

FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\searchplugins\sweetim.xml

FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\searchplugins\youtube-videosuche.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: DownloadHelper - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-10-31]

FF Extension: Stealthy - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\Extensions\stealthyextension@gmail.com.xpi [2012-08-02]

FF Extension: Analyse des liens (URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2013-12-16]

FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru

FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\

FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-01]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-01]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-01]
 

==================== Services (Whitelisted) =================
 

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)
 

==================== Drivers (Whitelisted) ====================
 

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)

S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)

R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-23] (Asmedia Technology)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)

R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [23832 2011-09-14] (Intel Corporation)

R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-01] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2014-02-01] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-02-01] (Kaspersky Lab ZAO)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2012-08-02] ()

S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)

U3 axwm4ckx; C:\Windows\System32\Drivers\axwm4ckx.sys [0 ] (Asmedia Technology)

S3 SANDRA; \??\e:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5\WNt500x64\Sandra.sys [x]

U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-03 00:59 - 2014-02-03 00:59 - 00017912 _____ () C:\Users\Frank\Downloads\FRST.txt

2014-02-01 20:47 - 2014-02-01 20:47 - 00025229 _____ () C:\Users\Frank\Desktop\Projektbericht_KP.odt

2014-02-01 14:47 - 2014-02-01 14:47 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-02-01 14:47 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll

2014-02-01 13:58 - 2014-02-01 14:22 - 245106208 _____ () C:\Users\Frank\Downloads\kav14.0.0.4651de-de.exe

2014-02-01 13:57 - 2014-02-01 13:57 - 00000186 _____ () C:\Users\Frank\Documents\kasperski.txt

2014-02-01 13:51 - 2014-02-03 00:59 - 00000000 ____D () C:\FRST

2014-02-01 13:51 - 2014-02-01 13:51 - 02080256 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-01-27 21:09 - 2014-01-27 23:10 - 00000182 _____ () C:\Users\Frank\Desktop\ben köln.txt

2014-01-23 23:41 - 2014-01-23 23:41 - 00119303 _____ () C:\Users\Frank\Desktop\Klausurfragen.odt

2014-01-20 18:47 - 2014-01-24 00:08 - 00000000 ____D () C:\Users\Frank\Desktop\logik

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Users\Frank\AppData\Local\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\ProgramData\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-01-18 18:05 - 2014-01-18 18:05 - 03049560 _____ (Cisco Systems, Inc.) C:\Users\Frank\Downloads\anyconnect-win-3.1.04066-web-deploy-k9.exe

2014-01-18 13:47 - 2014-01-18 13:47 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-15 21:33 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 21:33 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 21:33 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-01-12 14:02 - 2014-01-12 14:02 - 01412324 _____ () C:\Users\Frank\Desktop\interviw.rar

2014-01-10 16:24 - 2014-01-10 16:24 - 00002820 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel

2014-01-07 22:51 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-01-07 22:51 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-01-07 22:51 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-01-07 22:51 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-01-07 22:51 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-01-07 22:51 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-01-07 22:51 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-01-07 22:51 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-01-07 22:51 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-01-07 22:51 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-01-07 22:51 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-01-07 22:51 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-01-07 22:51 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-01-07 22:51 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-01-07 22:51 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-01-07 22:51 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-01-07 22:51 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-01-07 22:51 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-01-07 22:51 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-01-07 22:51 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-01-07 22:51 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-01-07 22:51 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-01-07 22:51 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-01-07 22:51 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-01-07 22:51 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-01-07 22:51 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-01-07 22:51 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-01-07 22:51 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-01-07 22:51 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-01-07 22:51 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-01-07 22:51 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-01-07 03:06 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-01-07 03:06 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-01-07 03:06 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-01-07 03:06 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-01-07 03:05 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE

2014-01-07 03:02 - 2014-01-07 03:05 - 00010277 _____ () C:\Windows\IE11_main.log

2014-01-07 03:02 - 2014-01-07 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-01-07 03:02 - 2014-01-07 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-01-07 03:02 - 2014-01-07 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-01-07 03:02 - 2014-01-07 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-01-07 03:02 - 2014-01-07 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-01-07 03:02 - 2014-01-07 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-01-07 03:02 - 2014-01-07 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-01-06 17:33 - 2014-02-01 18:03 - 00000000 ____D () C:\Users\Frank\Desktop\interviw

2014-01-06 15:03 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll

2014-01-06 15:03 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2014-01-06 15:03 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-01-06 15:03 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-01-06 15:03 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll

2014-01-06 15:03 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll

2014-01-06 15:03 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll

2014-01-06 15:03 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll

2014-01-06 15:03 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-01-06 15:03 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-01-06 15:03 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-01-06 15:03 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-01-06 15:03 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-01-06 15:03 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-01-06 15:03 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-01-06 15:03 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-01-06 15:03 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys

2014-01-06 15:03 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys

2014-01-06 14:57 - 2014-01-06 15:03 - 65777850 _____ () C:\Users\Frank\Downloads\ROCCAT_Kone[+]_DRV1.50_FW1.45.zip
 

==================== One Month Modified Files and Folders =======
 

2014-02-03 00:59 - 2014-02-03 00:59 - 00017912 _____ () C:\Users\Frank\Downloads\FRST.txt

2014-02-03 00:59 - 2014-02-01 13:51 - 00000000 ____D () C:\FRST

2014-02-03 00:59 - 2012-08-02 02:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype

2014-02-03 00:58 - 2012-09-23 23:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-03 00:58 - 2012-08-02 03:44 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-03 00:58 - 2012-08-02 02:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-02-03 00:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-03 00:58 - 2009-07-14 05:51 - 00025609 _____ () C:\Windows\setupact.log

2014-02-03 00:57 - 2012-08-02 02:11 - 01980350 _____ () C:\Windows\WindowsUpdate.log

2014-02-03 00:22 - 2012-09-23 23:47 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-03 00:05 - 2012-08-03 09:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-02 12:18 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-02 12:18 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-02 12:17 - 2011-04-12 08:43 - 00708886 _____ () C:\Windows\system32\perfh007.dat

2014-02-02 12:17 - 2011-04-12 08:43 - 00153870 _____ () C:\Windows\system32\perfc007.dat

2014-02-02 12:17 - 2009-07-14 06:13 - 01647552 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-01 20:47 - 2014-02-01 20:47 - 00025229 _____ () C:\Users\Frank\Desktop\Projektbericht_KP.odt

2014-02-01 18:03 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Frank\Desktop\interviw

2014-02-01 15:03 - 2013-10-17 15:47 - 00620640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys

2014-02-01 15:03 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys

2014-02-01 15:03 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys

2014-02-01 14:50 - 2010-11-21 04:47 - 00015808 _____ () C:\Windows\PFRO.log

2014-02-01 14:48 - 2012-08-02 02:20 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab

2014-02-01 14:47 - 2014-02-01 14:47 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-02-01 14:22 - 2014-02-01 13:58 - 245106208 _____ () C:\Users\Frank\Downloads\kav14.0.0.4651de-de.exe

2014-02-01 13:57 - 2014-02-01 13:57 - 00000186 _____ () C:\Users\Frank\Documents\kasperski.txt

2014-02-01 13:51 - 2014-02-01 13:51 - 02080256 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-02-01 01:39 - 2014-01-03 15:47 - 00000771 _____ () C:\Users\Frank\Desktop\Neues Textdokument (3).txt

2014-01-27 23:10 - 2014-01-27 21:09 - 00000182 _____ () C:\Users\Frank\Desktop\ben köln.txt

2014-01-27 20:39 - 2013-09-16 18:26 - 00000000 ____D () C:\Users\Frank\Desktop\sozihuoa

2014-01-25 00:51 - 2012-08-05 16:18 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\vlc

2014-01-24 00:08 - 2014-01-20 18:47 - 00000000 ____D () C:\Users\Frank\Desktop\logik

2014-01-23 23:41 - 2014-01-23 23:41 - 00119303 _____ () C:\Users\Frank\Desktop\Klausurfragen.odt

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Users\Frank\AppData\Local\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\ProgramData\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-01-18 18:05 - 2014-01-18 18:05 - 03049560 _____ (Cisco Systems, Inc.) C:\Users\Frank\Downloads\anyconnect-win-3.1.04066-web-deploy-k9.exe

2014-01-18 13:48 - 2013-10-18 18:59 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-18 13:47 - 2014-01-18 13:47 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-18 13:47 - 2013-10-18 18:59 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-16 09:10 - 2009-07-14 05:45 - 00295424 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-01-16 02:06 - 2013-08-15 01:48 - 00000000 ____D () C:\Windows\system32\MRT

2014-01-16 02:05 - 2012-08-05 23:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-01-12 14:02 - 2014-01-12 14:02 - 01412324 _____ () C:\Users\Frank\Desktop\interviw.rar

2014-01-12 14:00 - 2013-12-20 17:17 - 00015176 _____ () C:\Users\Frank\Desktop\leitfaden1.0.odt

2014-01-12 12:45 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-01-11 22:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-01-10 16:31 - 2012-08-13 20:16 - 00000000 ____D () C:\Users\Frank\.gimp-2.8

2014-01-10 16:24 - 2014-01-10 16:24 - 00002820 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel

2014-01-07 19:28 - 2013-11-04 21:29 - 00000004 _____ () C:\Users\Frank\Desktop\fahrstunde.txt

2014-01-07 15:02 - 2012-08-02 02:12 - 00001421 _____ () C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-01-07 03:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-01-07 03:05 - 2014-01-07 03:02 - 00010277 _____ () C:\Windows\IE11_main.log

2014-01-07 03:02 - 2014-01-07 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2014-01-07 03:02 - 2014-01-07 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat

2014-01-07 03:02 - 2014-01-07 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2014-01-07 03:02 - 2014-01-07 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2014-01-07 03:02 - 2014-01-07 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2014-01-07 03:02 - 2014-01-07 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2014-01-07 03:02 - 2014-01-07 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2014-01-07 03:02 - 2014-01-07 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-01-07 03:02 - 2014-01-07 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2014-01-06 15:04 - 2012-08-02 02:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-01-06 15:03 - 2014-01-06 14:57 - 65777850 _____ () C:\Users\Frank\Downloads\ROCCAT_Kone[+]_DRV1.50_FW1.45.zip

2014-01-05 14:38 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
 

Some content of TEMP:

====================

C:\Users\Frank\AppData\Local\Temp\CmdLineExt03.dll

C:\Users\Frank\AppData\Local\Temp\COMAP.EXE

C:\Users\Frank\AppData\Local\Temp\drm_dialogs.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7350007.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7350008.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7360011.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7370014.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7390005.dll

C:\Users\Frank\AppData\Local\Temp\DSETUP.dll

C:\Users\Frank\AppData\Local\Temp\dsetup32.dll

C:\Users\Frank\AppData\Local\Temp\DXSETUP.exe

C:\Users\Frank\AppData\Local\Temp\EBU1002.EXE

C:\Users\Frank\AppData\Local\Temp\EBU134C.DLL

C:\Users\Frank\AppData\Local\Temp\EBU236F.EXE

C:\Users\Frank\AppData\Local\Temp\EBU2534.DLL

C:\Users\Frank\AppData\Local\Temp\EBU2775.DLL

C:\Users\Frank\AppData\Local\Temp\EBU41E8.DLL

C:\Users\Frank\AppData\Local\Temp\EBU5C3.EXE

C:\Users\Frank\AppData\Local\Temp\EBU778.DLL

C:\Users\Frank\AppData\Local\Temp\EBU8BB4.DLL

C:\Users\Frank\AppData\Local\Temp\EBU8F2D.EXE

C:\Users\Frank\AppData\Local\Temp\EBU90D2.DLL

C:\Users\Frank\AppData\Local\Temp\EBUA683.EXE

C:\Users\Frank\AppData\Local\Temp\EBUA809.DLL

C:\Users\Frank\AppData\Local\Temp\EBUB66B.EXE

C:\Users\Frank\AppData\Local\Temp\EBUB85E.DLL

C:\Users\Frank\AppData\Local\Temp\EBUD254.DLL

C:\Users\Frank\AppData\Local\Temp\EBUE538.EXE

C:\Users\Frank\AppData\Local\Temp\EBUE6BE.DLL

C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer-1.exe

C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer-2.exe

C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Frank\AppData\Local\Temp\JDownloaderSetup.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\mgsqlite3.dll

C:\Users\Frank\AppData\Local\Temp\nv3DVStreaming.dll

C:\Users\Frank\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Frank\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Frank\AppData\Local\Temp\nvStereoApiI.dll

C:\Users\Frank\AppData\Local\Temp\nvStereoApiI64.dll

C:\Users\Frank\AppData\Local\Temp\nvStInst.exe

C:\Users\Frank\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe

C:\Users\Frank\AppData\Local\Temp\SIMEEI2Installer.exe

C:\Users\Frank\AppData\Local\Temp\SIMEEIInstaller.exe

C:\Users\Frank\AppData\Local\Temp\SIntf16.dll

C:\Users\Frank\AppData\Local\Temp\SIntf32.dll

C:\Users\Frank\AppData\Local\Temp\SIntfNT.dll

C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Frank\AppData\Local\Temp\swt-win32-3349.dll

C:\Users\Frank\AppData\Local\Temp\vlc-2.0.4-win32.exe

C:\Users\Frank\AppData\Local\Temp\vlc-2.0.6-win32.exe

C:\Users\Frank\AppData\Local\Temp\vlc-2.0.8-win32.exe

C:\Users\Frank\AppData\Local\Temp\ydetect.exe

C:\Users\Frank\AppData\Local\Temp\_is2951.exe

C:\Users\Frank\AppData\Local\Temp\_is2FF6.exe

C:\Users\Frank\AppData\Local\Temp\_is35C0.exe

C:\Users\Frank\AppData\Local\Temp\_is4662.exe

C:\Users\Frank\AppData\Local\Temp\_is74B3.exe

C:\Users\Frank\AppData\Local\Temp\_is780C.exe

C:\Users\Frank\AppData\Local\Temp\_isB24F.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-01-29 14:41
 

==================== End Of Log ============================

--- --- ---

Addition.txt:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 03

Ran by Frank at 2014-02-03 01:00:00

Running from C:\Users\Frank\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}

AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden

8000A809_BasicWeb (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden

8000A809_Help_BasicWeb (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Reader X (10.1.9) - Deutsch (x32 Version: 10.1.9 - Adobe Systems Incorporated)

Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.1.0 - Asmedia Technology)

Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.2.2.000 - Asmedia Technology)

AVM FRITZ!WLAN (x32 Version:  - AVM Berlin)

BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden

Cisco AnyConnect Secure Mobility Client  (x32 Version: 3.1.04066 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066 - Cisco Systems, Inc.) Hidden

CyberLink Media Suite (x32 Version: 8.0.2227 - CyberLink Corp.)

CyberLink Media Suite (x32 Version: 8.0.2227 - CyberLink Corp.) Hidden

CyberLink PowerDVD 10 (x32 Version: 10.0.3613.52 - CyberLink Corp.)

CyberLink PowerDVD 10 (x32 Version: 10.0.3613.52 - CyberLink Corp.) Hidden

DAEMON Tools Pro (x32 Version: 4.40.0312.0221 - DT Soft Ltd)

Darksiders (x32 Version:  - Vigil Games)

DarksidersInstaller (x32 Version: 1.00.1000 - Ihr Firmenname)

Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ)

Dawn of War - Soulstorm (x32 Version: 1.00.0000 - THQ) Hidden

Diablo II (x32 Version:  - Blizzard Entertainment)

Endless Space (x32 Version:  - Amplitude Studios)

For the Motherland version 3.2 (x32 Version: 3.2 - Paradox Interactive)

Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128 - DVDVideoSoft Ltd.)

GIMP 2.8.0 (Version: 2.8.0 - The GIMP Team)

Google Earth (x32 Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden

Hearts of Iron III (x32 Version:  - )

HP Officejet Pro 8000 A809 Series (Version: 14.0 - HP)

Intel(R) Management Engine Components (x32 Version: 7.1.21.1124 - Intel Corporation)

Intel(R) Network Connections 16.5.2.0 (Version: 16.5.2.0 - Intel)

Intel(R) Network Connections 16.5.2.0 (Version: 16.5.2.0 - Intel) Hidden

Intel(R) Rapid Storage Technology enterprise (x32 Version: 3.0.0.1112 - Intel Corporation)

Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)

Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab)

Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden

LG United Mobile Drivers (x32 Version: 3.8.1 - LG Electronics)

Medieval II Total War (x32 Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Americas (x32 Version: 1.05.000 - SEGA)

Medieval II Total War : Kingdoms : Britannia (x32 Version: 1.05.000 - SEGA)

Medieval II Total War : Kingdoms : Crusades (x32 Version: 1.05.000 - SEGA)

Medieval II Total War : Kingdoms : Teutonic (x32 Version: 1.05.000 - SEGA)

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Age of Empires Gold (x32 Version:  - )

Microsoft Games for Windows - LIVE Redistributable (x32 Version: 1.2.0238 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)

Mozilla Maintenance Service (x32 Version: 24.2.0 - Mozilla)

Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)

MSI Afterburner 2.2.3 (x32 Version: 2.2.3 - MSI Co., LTD)

Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden

NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)

NVIDIA Grafiktreiber 314.22 (Version: 314.22 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.115.743 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden

NVIDIA Update 1.12.12 (Version: 1.12.12 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden

OpenAL (x32 Version:  - )

OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)

Prince of Persia The Sands of Time (x32 Version: 1.00.181 - )

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6495 - Realtek Semiconductor Corp.)

ROCCAT Isku Keyboard Driver (x32 Version:  - Roccat GmbH)

ROCCAT Kone[+] Mouse Driver (x32 Version:  - Roccat GmbH)

Rush for Berlin (x32 Version: 1.24 - Deep Silver)

Samsung SSD Magician (x32 Version: 3.1 - Samsung Electronics)

Semper Fi 1.0 (x32 Version:  - Paradox Interactive)

Sid Meier's Civilization V (x32 Version:  - 2K Games, Inc.)

Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)

Sound Blaster X-Fi MB 2 (x32 Version: 1.0 - Creative Technology Limited)

Star Trek Online (x32 Version:  - Cryptic Studios)

Star Wars Battlefront II (x32 Version: 1.0 - LucasArts)

Star Wars: The Old Republic (x32 Version: 1.00 - Electronic Arts, Inc.)

Starfleet Command - Gold Edition (x32 Version:  - )

Steam (x32 Version: 1.0.0.0 - Valve Corporation)

TeamSpeak 3 Client (HKCU Version: 3.0.13.1 - TeamSpeak Systems GmbH)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

Total War: ROME II (x32 Version:  - Creative Assembly)

Total War: SHOGUN 2 (x32 Version:  - The Creative Assembly)

Universe at War Earth Assault (x32 Version: 1.00.0000 - Petroglyph)

Universe at War Earth Assault (x32 Version: 1.00.0000 - Petroglyph) Hidden

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Veoh Web Player (x32 Version: 1.1.2.0000 - Veoh Networks, Inc.)

Victoria 2 (x32 Version:  - )

VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN)

Warlords Battlecry III (x32 Version: W4PCA0.8 - )

WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden

Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)

WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0 - win.rar GmbH)

Yahoo! Detect (x32 Version:  - )
 

==================== Restore Points  =========================
 

01-02-2014 19:28:30 Geplanter Prüfpunkt

02-02-2014 18:30:11 Windows-Sicherung
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0874C93D-2D76-4B79-92F6-0BA15A51C9E2} - System32\Tasks\{F2F47F25-28E2-4E48-B863-09BCC9C2DBE4} => E:\Program Files (x86)\Enlight\Infinite Interactive\Warlords Battlecry III\Battlecry III.exe [2005-02-19] (Infinite Interactive)

Task: {133558B2-E040-41FF-9E8E-4C48F0A4A41F} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)

Task: {339C35DE-0AB8-4067-9012-0039DC0FBB78} - System32\Tasks\{809B2CE6-F8FF-46C3-A85E-D3A6C0B1A718} => C:\Users\Frank\Desktop\aoecd\AOESetup.Exe

Task: {67913FF7-E20E-409E-A863-E74E35AA360D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {734F0B22-B55D-4B4F-81D2-9D3816F9002A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-23] (Google Inc.)

Task: {C5408C6F-B10A-4445-8CF7-828A4D65B3BD} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2013-05-24] (Veoh Networks)

Task: {E00B1AE4-0B6B-4794-B5A9-64E9E0565019} - System32\Tasks\{DC0B9E6B-27DA-4BDC-9D20-8ACF080B1A24} => C:\Users\Frank\Desktop\aoecd\AOESetup.Exe

Task: {E2A8D714-AE7D-4399-AFBB-23ED8B3B0D44} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-16] (Adobe Systems Incorporated)

Task: {FFDD0276-DB4F-4B05-BC52-90E28DFD2DC7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-23] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-08-30 23:11 - 2013-08-30 23:11 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll

2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll

2012-08-02 02:50 - 2009-12-29 15:50 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL

2012-08-02 02:50 - 2010-06-08 12:22 - 00181760 _____ () C:\Windows\SysWOW64\APOMngr.DLL

2012-08-02 03:52 - 2010-11-04 10:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll

2014-01-06 15:04 - 2010-06-22 13:50 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (02/02/2014 00:13:32 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/01/2014 02:51:47 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/01/2014 01:38:06 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/01/2014 02:06:30 AM) (Source: Application Hang) (User: )

Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 98c
 

Startzeit: 01cf1ee9c69a30f3
 

Endzeit: 50
 

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

Berichts-ID: 1303891f-8add-11e3-bdfa-bc05430d710c
 

Error: (02/01/2014 02:06:00 AM) (Source: Application Hang) (User: )

Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1d88
 

Startzeit: 01cf1ee97a6d4765
 

Endzeit: 40
 

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 

Berichts-ID: 00dd1344-8add-11e3-bdfa-bc05430d710c
 

Error: (01/31/2014 10:12:01 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/30/2014 09:10:20 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 00:28:49 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/28/2014 08:52:12 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/27/2014 10:06:56 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (02/02/2014 07:32:40 PM) (Source: VDS Basic Provider) (User: )

Description: Unerwarteter Fehler. Fehlercode: 490@01010004
 

Error: (02/02/2014 00:13:56 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (02/02/2014 00:13:56 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1330
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 

Error: (02/02/2014 03:09:35 AM) (Source: DCOM) (User: )

Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 

Error: (02/01/2014 07:55:16 PM) (Source: volsnap) (User: )

Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 

Error: (02/01/2014 03:03:14 PM) (Source: Service Control Manager) (User: )

Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 

%%5
 

Error: (02/01/2014 02:52:11 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (02/01/2014 02:52:11 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1330
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 

Error: (02/01/2014 01:38:35 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1069
 

Error: (02/01/2014 01:38:35 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 

%%1330
 

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
 
 

Microsoft Office Sessions:

=========================

Error: (02/02/2014 00:13:32 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/01/2014 02:51:47 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/01/2014 01:38:06 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (02/01/2014 02:06:30 AM) (Source: Application Hang)(User: )

Description: firefox.exe26.0.0.508798c01cf1ee9c69a30f350C:\Program Files (x86)\Mozilla Firefox\firefox.exe1303891f-8add-11e3-bdfa-bc05430d710c
 

Error: (02/01/2014 02:06:00 AM) (Source: Application Hang)(User: )

Description: firefox.exe26.0.0.50871d8801cf1ee97a6d476540C:\Program Files (x86)\Mozilla Firefox\firefox.exe00dd1344-8add-11e3-bdfa-bc05430d710c
 

Error: (01/31/2014 10:12:01 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/30/2014 09:10:20 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 00:28:49 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/28/2014 08:52:12 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/27/2014 10:06:56 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-02-02 13:23:43.535

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-02-02 13:23:43.535

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-02-02 13:23:43.535

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-02-02 13:23:43.535

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-02-02 13:23:43.535

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-02-02 13:23:43.525

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2012-08-05 21:01:32.344

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Frank\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-05 21:01:32.338

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Frank\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-05 21:01:32.305

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 

  Date: 2012-08-05 21:01:32.299

  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 22%

Total physical RAM: 8168.34 MB

Available physical RAM: 6368.63 MB

Total Pagefile: 16334.86 MB

Available Pagefile: 14432.9 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:119.14 GB) (Free:41.87 GB) NTFS

Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1371 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DF4100B7)

Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: EC8487FF)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

so ich hoffe das ihr damit was anfangen könnt....

so hier die logs

malware bytes

Code:

Malwarebytes Anti-Malware (Test) 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2014.02.08.04
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

Frank :: FRANKS-PC [Administrator]
 

Schutz: Aktiviert
 

08.02.2014 14:35:10

mbam-log-2014-02-08 (14-35-10).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 245911

Laufzeit: 2 Minute(n), 49 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 3

HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Registrierungswerte: 3

HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0Z2T1N1OtGtBtH0D0OtBtF0T -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {903D1949-4D23-11E2-9D26-BC05430D710C} -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {903D1949-4D23-11E2-9D26-BC05430D710C} -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 1

C:\Users\Frank\AppData\Local\Temp\CT3264748 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateien: 7

C:\Users\Frank\AppData\Local\Temp\IWp1iNbY.exe.part (PUP.Optional.Amonetize) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Frank\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Frank\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Frank\AppData\Local\Temp\is1070216317\bundlesweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Frank\Downloads\DTLite4454-0316.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Frank\Downloads\VeohWebPlayer138Setup_eng.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Frank\AppData\Local\Temp\CT3264748\ddt.csf (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

adware cleaner
AdwCleaner Logfile:

Code:

# AdwCleaner v3.018 - Bericht erstellt am 08/02/2014 um 14:44:00

# Updated 28/01/2014 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzername : Frank - FRANKS-PC

# Gestartet von : C:\Users\Frank\Downloads\adwcleaner.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\Users\Frank\AppData\Roaming\dvdvideosoftiehelpers

Datei Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\searchplugins\daemon-search.xml

Datei Gelöscht : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\searchplugins\SweetIm.xml
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Schlüssel Gelöscht : HKCU\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\smartbar
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16428
 
 

-\\ Mozilla Firefox v26.0 (de)
 

[ Datei : C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\prefs.js ]
 
 

*************************
 

AdwCleaner[R0].txt - [2863 octets] - [08/02/2014 14:42:52]

AdwCleaner[S0].txt - [2666 octets] - [08/02/2014 14:44:00]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2726 octets] ##########

--- --- ---

[/CODE]

junkware

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.1 (02.04.2014:1)

OS: Windows 7 Home Premium x64

Ran by Frank on 08.02.2014 at 14:47:51,20

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3607139183-263413436-841191055-1000\Software\sweetim
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\gxlrtn4t.default\minidumps [81 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 08.02.2014 at 14:52:43,91

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und das frische frst log

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014

Ran by Frank (administrator) on FRANKS-PC on 08-02-2014 14:55:36

Running from C:\Users\Frank\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe

(Malwarebytes Corporation) E:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(DT Soft Ltd) E:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(DT Soft Ltd) E:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe

(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\klwtblfs.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546472 2011-11-03] (Realtek Semiconductor)

HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.)

HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)

HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-09-14] (Intel Corporation)

HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)

HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe [241789 2010-02-18] (Creative Technology Ltd)

HKLM-x32\...\Run: [RoccatIsku] - C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2011-07-12] (ROCCAT GmbH)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)

HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2011-09-28] (cyberlink)

HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)

HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-30] (Cisco Systems, Inc.)

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\Run: [DAEMON Tools Pro Agent] - E:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [839488 2011-03-18] (DT Soft Ltd)

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {16bdfbed-dc4c-11e1-962b-bc05430d710c} - F:\AOESETUP.EXE /autorun

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {457fdc17-dc71-11e1-8420-806e6f6e6963} - D:\.\Bin\ASSETUP.exe

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {668f8185-5e97-11e3-8037-c8600023ce94} - G:\LGAutoRun.exe

HKU\S-1-5-21-3607139183-263413436-841191055-1000\...\MountPoints2: {9fb7aff7-dc71-11e1-8b9f-f222293df807} - E:\pushinst.exe

Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk

ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
 

==================== Internet (Whitelisted) ====================
 

ProxyEnable: Internet Explorer proxy is enabled.

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA802006F4E70CD01

BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default

FF Homepage: hxxp://www.mydtzone.com/startpage|chrome://branding/locale/browserconfig.properties

FF NetworkProxy: "ftp", "81.201.57.65"

FF NetworkProxy: "ftp_port", 8080

FF NetworkProxy: "http", "81.201.57.65"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "81.201.57.65"

FF NetworkProxy: "socks_port", 8080

FF NetworkProxy: "ssl", "81.201.57.65"

FF NetworkProxy: "ssl_port", 8080

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\searchplugins\youtube-videosuche.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: DownloadHelper - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-10-31]

FF Extension: Stealthy - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gxlrtn4t.default\Extensions\stealthyextension@gmail.com.xpi [2012-08-02]

FF Extension: Analyse des liens (URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2013-12-16]

FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\virtualKeyboard@kaspersky.ru

FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\FFExt\linkfilter@kaspersky.ru

FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com

FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-02-01]

FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com

FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-02-01]

FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com

FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-02-01]
 

==================== Services (Whitelisted) =================
 

R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)

S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-04-20] (CyberLink)

R2 MBAMScheduler; e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; e:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
 

==================== Drivers (Whitelisted) ====================
 

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)

S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)

R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-23] (Asmedia Technology)

S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)

R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)

R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [23832 2011-09-14] (Intel Corporation)

R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-02-01] (Kaspersky Lab ZAO)

S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [112224 2013-06-08] (Kaspersky Lab ZAO)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [620640 2014-02-01] (Kaspersky Lab ZAO)

R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)

R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-02-01] (Kaspersky Lab ZAO)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2012-08-02] ()

S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)

U3 a0fyqtyq; C:\Windows\System32\Drivers\a0fyqtyq.sys [0 ] (Microsoft Corporation)

S3 SANDRA; \??\e:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5\WNt500x64\Sandra.sys [X]

U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-08 14:55 - 2014-02-08 14:55 - 00000000 ____D () C:\Users\Frank\Downloads\FRST-OlderVersion

2014-02-08 14:52 - 2014-02-08 14:52 - 00000945 _____ () C:\Users\Frank\Desktop\JRT.txt

2014-02-08 14:47 - 2014-02-08 14:47 - 00000000 ____D () C:\Windows\ERUNT

2014-02-08 14:46 - 2014-02-08 14:46 - 01037530 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe

2014-02-08 14:45 - 2014-02-08 14:45 - 00002814 _____ () C:\Users\Frank\Desktop\AdwCleaner[S0].txt

2014-02-08 14:42 - 2014-02-08 14:44 - 00000000 ____D () C:\AdwCleaner

2014-02-08 14:42 - 2014-02-08 14:42 - 01166132 _____ () C:\Users\Frank\Downloads\adwcleaner.exe

2014-02-08 14:32 - 2014-02-08 14:32 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Malwarebytes

2014-02-08 14:32 - 2014-02-08 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-08 14:32 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-08 14:30 - 2014-02-08 14:31 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Frank\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-07 18:54 - 2014-02-07 22:32 - 00000609 _____ () C:\Users\Frank\Desktop\rechner.txt

2014-02-05 23:25 - 2014-02-05 23:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-02-05 22:37 - 2014-02-05 22:37 - 16048052 _____ () C:\Users\Frank\Desktop\leidhold folien.rar

2014-02-05 22:34 - 2014-02-05 22:36 - 00000000 ____D () C:\Users\Frank\Desktop\leidhold folien

2014-02-03 21:27 - 2014-02-03 21:58 - 06000983 _____ () C:\Users\Frank\Infos.rar

2014-02-03 01:00 - 2014-02-03 01:00 - 00025925 _____ () C:\Users\Frank\Downloads\Addition.txt

2014-02-03 00:59 - 2014-02-08 14:55 - 00017792 _____ () C:\Users\Frank\Downloads\FRST.txt

2014-02-01 14:47 - 2014-02-01 14:47 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-02-01 14:47 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll

2014-02-01 13:58 - 2014-02-01 14:22 - 245106208 _____ () C:\Users\Frank\Downloads\kav14.0.0.4651de-de.exe

2014-02-01 13:57 - 2014-02-01 13:57 - 00000186 _____ () C:\Users\Frank\Documents\kasperski.txt

2014-02-01 13:51 - 2014-02-08 14:55 - 02079744 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-02-01 13:51 - 2014-02-08 14:55 - 00000000 ____D () C:\FRST

2014-01-27 21:09 - 2014-01-27 23:10 - 00000182 _____ () C:\Users\Frank\Desktop\ben köln.txt

2014-01-23 23:41 - 2014-01-23 23:41 - 00119303 _____ () C:\Users\Frank\Desktop\Klausurfragen.odt

2014-01-20 18:47 - 2014-01-24 00:08 - 00000000 ____D () C:\Users\Frank\Desktop\logik

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Users\Frank\AppData\Local\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\ProgramData\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-01-18 18:05 - 2014-01-18 18:05 - 03049560 _____ (Cisco Systems, Inc.) C:\Users\Frank\Downloads\anyconnect-win-3.1.04066-web-deploy-k9.exe

2014-01-18 13:47 - 2014-01-18 13:47 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-15 21:33 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 21:33 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 21:33 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 21:33 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-01-12 14:02 - 2014-01-12 14:02 - 01412324 _____ () C:\Users\Frank\Desktop\interviw.rar

2014-01-10 16:24 - 2014-01-10 16:24 - 00002820 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel
 

==================== One Month Modified Files and Folders =======
 

2014-02-08 14:55 - 2014-02-08 14:55 - 00000000 ____D () C:\Users\Frank\Downloads\FRST-OlderVersion

2014-02-08 14:55 - 2014-02-03 00:59 - 00017792 _____ () C:\Users\Frank\Downloads\FRST.txt

2014-02-08 14:55 - 2014-02-01 13:51 - 02079744 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe

2014-02-08 14:55 - 2014-02-01 13:51 - 00000000 ____D () C:\FRST

2014-02-08 14:52 - 2014-02-08 14:52 - 00000945 _____ () C:\Users\Frank\Desktop\JRT.txt

2014-02-08 14:52 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-08 14:52 - 2009-07-14 05:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-08 14:51 - 2011-04-12 08:43 - 00708886 _____ () C:\Windows\system32\perfh007.dat

2014-02-08 14:51 - 2011-04-12 08:43 - 00153870 _____ () C:\Windows\system32\perfc007.dat

2014-02-08 14:51 - 2009-07-14 06:13 - 01647552 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-08 14:47 - 2014-02-08 14:47 - 00000000 ____D () C:\Windows\ERUNT

2014-02-08 14:46 - 2014-02-08 14:46 - 01037530 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe

2014-02-08 14:45 - 2014-02-08 14:45 - 00002814 _____ () C:\Users\Frank\Desktop\AdwCleaner[S0].txt

2014-02-08 14:45 - 2012-09-23 23:47 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-08 14:45 - 2012-08-02 03:44 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-08 14:45 - 2012-08-02 02:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Skype

2014-02-08 14:45 - 2012-08-02 02:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-02-08 14:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-08 14:45 - 2009-07-14 05:51 - 00026057 _____ () C:\Windows\setupact.log

2014-02-08 14:44 - 2014-02-08 14:42 - 00000000 ____D () C:\AdwCleaner

2014-02-08 14:44 - 2012-08-02 02:11 - 01154936 _____ () C:\Windows\WindowsUpdate.log

2014-02-08 14:42 - 2014-02-08 14:42 - 01166132 _____ () C:\Users\Frank\Downloads\adwcleaner.exe

2014-02-08 14:40 - 2010-11-21 04:47 - 00017880 _____ () C:\Windows\PFRO.log

2014-02-08 14:32 - 2014-02-08 14:32 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Malwarebytes

2014-02-08 14:32 - 2014-02-08 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-08 14:31 - 2014-02-08 14:30 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Frank\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-08 14:22 - 2012-09-23 23:47 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-08 02:05 - 2012-08-03 09:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-07 22:32 - 2014-02-07 18:54 - 00000609 _____ () C:\Users\Frank\Desktop\rechner.txt

2014-02-07 18:53 - 2014-01-06 17:33 - 00000000 ____D () C:\Users\Frank\Desktop\interviw

2014-02-06 14:16 - 2012-08-02 02:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-05 23:25 - 2014-02-05 23:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-02-05 22:37 - 2014-02-05 22:37 - 16048052 _____ () C:\Users\Frank\Desktop\leidhold folien.rar

2014-02-05 22:36 - 2014-02-05 22:34 - 00000000 ____D () C:\Users\Frank\Desktop\leidhold folien

2014-02-05 21:05 - 2012-08-03 09:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-05 21:05 - 2012-08-03 09:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-05 21:05 - 2012-08-03 09:10 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-03 22:46 - 2012-08-02 02:11 - 00000000 ____D () C:\Users\Frank

2014-02-03 21:58 - 2014-02-03 21:27 - 06000983 _____ () C:\Users\Frank\Infos.rar

2014-02-03 01:00 - 2014-02-03 01:00 - 00025925 _____ () C:\Users\Frank\Downloads\Addition.txt

2014-02-01 15:03 - 2013-10-17 15:47 - 00620640 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys

2014-02-01 15:03 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys

2014-02-01 15:03 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys

2014-02-01 14:48 - 2012-08-02 02:20 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab

2014-02-01 14:47 - 2014-02-01 14:47 - 00000000 ____D () C:\Windows\ELAMBKUP

2014-02-01 14:22 - 2014-02-01 13:58 - 245106208 _____ () C:\Users\Frank\Downloads\kav14.0.0.4651de-de.exe

2014-02-01 13:57 - 2014-02-01 13:57 - 00000186 _____ () C:\Users\Frank\Documents\kasperski.txt

2014-02-01 01:39 - 2014-01-03 15:47 - 00000771 _____ () C:\Users\Frank\Desktop\Neues Textdokument (3).txt

2014-01-27 23:10 - 2014-01-27 21:09 - 00000182 _____ () C:\Users\Frank\Desktop\ben köln.txt

2014-01-27 20:39 - 2013-09-16 18:26 - 00000000 ____D () C:\Users\Frank\Desktop\sozihuoa

2014-01-25 00:51 - 2012-08-05 16:18 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\vlc

2014-01-24 00:08 - 2014-01-20 18:47 - 00000000 ____D () C:\Users\Frank\Desktop\logik

2014-01-23 23:41 - 2014-01-23 23:41 - 00119303 _____ () C:\Users\Frank\Desktop\Klausurfragen.odt

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Users\Frank\AppData\Local\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\ProgramData\Cisco

2014-01-18 18:06 - 2014-01-18 18:06 - 00000000 ____D () C:\Program Files (x86)\Cisco

2014-01-18 18:05 - 2014-01-18 18:05 - 03049560 _____ (Cisco Systems, Inc.) C:\Users\Frank\Downloads\anyconnect-win-3.1.04066-web-deploy-k9.exe

2014-01-18 13:48 - 2013-10-18 18:59 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-18 13:47 - 2014-01-18 13:47 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-18 13:47 - 2013-10-18 18:59 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-16 09:10 - 2009-07-14 05:45 - 00295424 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-01-16 02:06 - 2013-08-15 01:48 - 00000000 ____D () C:\Windows\system32\MRT

2014-01-16 02:05 - 2012-08-05 23:10 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-01-12 14:02 - 2014-01-12 14:02 - 01412324 _____ () C:\Users\Frank\Desktop\interviw.rar

2014-01-12 12:45 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

2014-01-11 22:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

2014-01-10 16:31 - 2012-08-13 20:16 - 00000000 ____D () C:\Users\Frank\.gimp-2.8

2014-01-10 16:24 - 2014-01-10 16:24 - 00002820 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel
 

Some content of TEMP:

====================

C:\Users\Frank\AppData\Local\Temp\CmdLineExt03.dll

C:\Users\Frank\AppData\Local\Temp\COMAP.EXE

C:\Users\Frank\AppData\Local\Temp\drm_dialogs.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7350007.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7350008.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7360011.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7370014.dll

C:\Users\Frank\AppData\Local\Temp\drm_dyndata_7390005.dll

C:\Users\Frank\AppData\Local\Temp\DSETUP.dll

C:\Users\Frank\AppData\Local\Temp\dsetup32.dll

C:\Users\Frank\AppData\Local\Temp\DXSETUP.exe

C:\Users\Frank\AppData\Local\Temp\EBU1002.EXE

C:\Users\Frank\AppData\Local\Temp\EBU134C.DLL

C:\Users\Frank\AppData\Local\Temp\EBU236F.EXE

C:\Users\Frank\AppData\Local\Temp\EBU2534.DLL

C:\Users\Frank\AppData\Local\Temp\EBU2775.DLL

C:\Users\Frank\AppData\Local\Temp\EBU41E8.DLL

C:\Users\Frank\AppData\Local\Temp\EBU5C3.EXE

C:\Users\Frank\AppData\Local\Temp\EBU778.DLL

C:\Users\Frank\AppData\Local\Temp\EBU8BB4.DLL

C:\Users\Frank\AppData\Local\Temp\EBU8F2D.EXE

C:\Users\Frank\AppData\Local\Temp\EBU90D2.DLL

C:\Users\Frank\AppData\Local\Temp\EBUA683.EXE

C:\Users\Frank\AppData\Local\Temp\EBUA809.DLL

C:\Users\Frank\AppData\Local\Temp\EBUB66B.EXE

C:\Users\Frank\AppData\Local\Temp\EBUB85E.DLL

C:\Users\Frank\AppData\Local\Temp\EBUD254.DLL

C:\Users\Frank\AppData\Local\Temp\EBUE538.EXE

C:\Users\Frank\AppData\Local\Temp\EBUE6BE.DLL

C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer-1.exe

C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer-2.exe

C:\Users\Frank\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Frank\AppData\Local\Temp\JDownloaderSetup.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe

C:\Users\Frank\AppData\Local\Temp\nv3DVStreaming.dll

C:\Users\Frank\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Frank\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Frank\AppData\Local\Temp\nvStereoApiI.dll

C:\Users\Frank\AppData\Local\Temp\nvStereoApiI64.dll

C:\Users\Frank\AppData\Local\Temp\nvStInst.exe

C:\Users\Frank\AppData\Local\Temp\Quarantine.exe

C:\Users\Frank\AppData\Local\Temp\SIMEEI2Installer.exe

C:\Users\Frank\AppData\Local\Temp\SIMEEIInstaller.exe

C:\Users\Frank\AppData\Local\Temp\SIntf16.dll

C:\Users\Frank\AppData\Local\Temp\SIntf32.dll

C:\Users\Frank\AppData\Local\Temp\SIntfNT.dll

C:\Users\Frank\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Frank\AppData\Local\Temp\swt-win32-3349.dll

C:\Users\Frank\AppData\Local\Temp\vlc-2.0.4-win32.exe

C:\Users\Frank\AppData\Local\Temp\vlc-2.0.6-win32.exe

C:\Users\Frank\AppData\Local\Temp\vlc-2.0.8-win32.exe

C:\Users\Frank\AppData\Local\Temp\ydetect.exe

C:\Users\Frank\AppData\Local\Temp\_is2951.exe

C:\Users\Frank\AppData\Local\Temp\_is2FF6.exe

C:\Users\Frank\AppData\Local\Temp\_is35C0.exe

C:\Users\Frank\AppData\Local\Temp\_is4662.exe

C:\Users\Frank\AppData\Local\Temp\_is74B3.exe

C:\Users\Frank\AppData\Local\Temp\_is780C.exe

C:\Users\Frank\AppData\Local\Temp\_isB24F.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-01-29 14:41
 

==================== End Of Log ============================

--- --- ---

und das problem besteht nach wie vor.
ich farge mich warum es im privatmodus vomm ff nicht auftritt?