| golfverkauf | 21.12.2014 23:49 |
Sry, habe das erst jetzt mit dem # verstanden.
Also, das First:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by RT (administrator) on HR-PC on 21-12-2014 23:09:45
Running from L:\
Loaded Profile: RT (Available profiles: RT)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Apache Software Foundation) C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\tomcat6.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\RunOnce: [Adobe Speed Launcher] => 1419148577
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {0dc3ff26-491b-11e3-87d8-d850e6508f8f} - J:\Setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {66e83924-3e70-11e3-be4b-d850e6508f8f} - I:\Setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {88ad0616-4782-11e3-b27f-d850e6508f8f} - H:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {b7413a28-edba-11e3-950b-d850e6508f8f} - F:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {b7413a2a-edba-11e3-950b-d850e6508f8f} - G:\Setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {b7413a2c-edba-11e3-950b-d850e6508f8f} - H:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {b7413a2e-edba-11e3-950b-d850e6508f8f} - I:\Setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {ba7637ba-79c3-11e3-8f13-d850e6508f8f} - G:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {ba7637bc-79c3-11e3-8f13-d850e6508f8f} - H:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {c01752f5-4524-11e3-8eef-d850e6508f8f} - G:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {c38f2410-3e5f-11e3-8036-d850e6508f8f} - F:\Setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {eb8d031a-6c74-11e3-a588-d850e6508f8f} - L:\setup.exe
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\MountPoints2: {eb8d0321-6c74-11e3-a588-d850e6508f8f} - M:\setup.exe
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [S-1-5-21-3627534514-1321322892-4046135115-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-3627534514-1321322892-4046135115-1000] => http=127.0.0.1:49165;https=127.0.0.1:49165
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.silicon-computer.de
HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.silicon-computer.de
URLSearchHook: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000 - YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\10.5\ytdToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000 - YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\10.5\ytdToolbarIE.dll (Spigot, Inc.)
SearchScopes: HKLM -> DefaultScope {5BFDD0F2-8D89-4037-AE01-FFD898555B2A} URL = hxxp://www.google.de
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {5BFDD0F2-8D89-4037-AE01-FFD898555B2A} URL = hxxp://www.google.de
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000 -> DefaultScope {A7137D9C-1C10-4D95-A7C1-FF974FF0B4F1} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000 -> {5BFDD0F2-8D89-4037-AE01-FFD898555B2A} URL =
SearchScopes: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000 -> {A7137D9C-1C10-4D95-A7C1-FF974FF0B4F1} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Slick Savings -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\RT\AppData\Roaming\Slick Savings\Coupons64.dll (Spigot, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Slick Savings -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> C:\Users\RT\AppData\Roaming\Slick Savings\Coupons.dll (Spigot, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: YTD Toolbar -> {F3FEE66E-E034-436a-86E4-9690573BEE8A} -> C:\Program Files (x86)\YTD Toolbar\IE\10.5\ytdToolbarIE.dll (Spigot, Inc.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\10.5\ytdToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\10.5\ytdToolbarIE.dll (Spigot, Inc.)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Winsock: Catalog9 11 C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll [313904] (VMware, Inc.)
Winsock: Catalog9 12 C:\Program Files (x86)\VMware\VMware Server\vsocklib.dll [313904] (VMware, Inc.)
Winsock: Catalog9-x64 11 C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll [410160] (VMware, Inc.)
Winsock: Catalog9-x64 12 C:\Program Files (x86)\VMware\VMware Server\x64\vsocklib.dll [410160] (VMware, Inc.)
Tcpip\..\Interfaces\{98BE0671-7976-4BAF-8258-EFCCADA692A5}: [NameServer] 172.31.255.254 8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://www.startpage.com
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*'))%20%7B%20return%20'PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\user.js
FF SearchPlugin: C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\searchplugins\yahoo_ff.xml
FF Extension: YouTube Unblocker - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-21]
FF Extension: Cliqz Beta - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\cliqz@cliqz.com.xpi [2014-09-16]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2014-07-27]
FF Extension: ProxTube - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-28]
FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2013-12-31]
FF Extension: NoScript - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-17]
FF Extension: Download Notifier Free - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{84ed0987-fdb1-425c-b21a-c04f6da46552}.xpi [2014-08-01]
FF Extension: {b8af06b7-9772-40b8-99f1-b74a951cede4} - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{b8af06b7-9772-40b8-99f1-b74a951cede4}.xpi [2014-07-27]
FF Extension: Adblock Plus - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-27]
FF Extension: DownThemAll! - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-04-21]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-26]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\content_blocker@kaspersky.com [2014-12-19]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2014-12-19]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\FFExt\online_banking@kaspersky.com [2014-12-19]
FF HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\RT\AppData\Roaming\Mozilla\Firefox\Profiles\4g61xwie.default\extensions\cliqz@cliqz.com
FF HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com [Not Found]
FF Extension: No Name - virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com [Not Found]
FF Extension: No Name - online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com [Not Found]
Chrome:
=======
CHR Profile: C:\Users\RT\AppData\Local\Google\Chrome\User Data\default
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\RT\AppData\Local\Slick Savings\coupons.crx [2014-03-30]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe [927232 2012-10-29] ()
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-10-25] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [253568 2009-11-18] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [137344 2009-11-18] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-07] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\RpcAgentSrv.exe [71832 2008-10-02] (SiSoftware) [File not signed]
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Server\vmware-authd.exe [121392 2009-10-20] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe [322096 2009-10-20] ()
R2 VMwareServerWebAccess; C:\Program Files (x86)\VMware\VMware Server\tomcat\bin\Tomcat6.exe [57344 2009-10-20] (Apache Software Foundation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-21] ()
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-06] (Disc Soft Ltd)
R1 ElRawDisk; C:\Windows\system32\drivers\elrawdsk.sys [22224 2007-03-22] (EldoS Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2014-12-19] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [818888 2014-12-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2014-12-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP6\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2010-11-20] (Microsoft Corporation) [File not signed]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-21 23:09 - 2014-12-21 23:09 - 00000000 ____D () C:\FRST
2014-12-19 21:41 - 2014-12-19 21:41 - 00262144 _____ () C:\Windows\system32\config\elam
2014-12-19 18:01 - 2014-12-21 08:55 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-19 18:01 - 2014-12-19 18:03 - 00818888 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-12-19 18:01 - 2014-12-19 18:03 - 00150536 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-12-19 18:01 - 2014-12-19 18:01 - 00002146 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2014-12-19 18:01 - 2014-12-19 18:01 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-12-19 18:01 - 2014-12-19 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-12-19 18:01 - 2014-12-19 18:01 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-12-19 18:01 - 2014-08-12 18:33 - 00246456 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-12-19 18:01 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-12-18 13:15 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 13:15 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 22:37 - 2014-12-15 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-12-15 22:37 - 2014-12-15 22:37 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\YTD Toolbar
2014-12-12 18:06 - 2014-12-12 18:06 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-12-11 22:37 - 2014-12-15 22:37 - 00001937 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-12-11 22:37 - 2014-12-15 22:37 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-11 03:46 - 2014-12-11 03:46 - 00000000 __SHD () C:\Users\RT\AppData\Local\EmieBrowserModeList
2014-12-10 15:13 - 2014-12-10 15:13 - 00000222 _____ () C:\Users\RT\Desktop\Batman Arkham Origins.url
2014-12-10 08:31 - 2014-12-10 08:31 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 08:21 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 08:21 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 08:01 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 08:01 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 08:01 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 08:01 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 08:01 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 08:01 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 08:01 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 08:01 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 08:01 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 08:01 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 08:01 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 08:01 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:01 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 08:01 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 08:01 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:01 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 08:01 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 08:01 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 08:01 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:01 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 08:01 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 08:01 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:01 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 08:01 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 08:01 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 08:01 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:01 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 08:01 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 08:01 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 08:01 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 08:01 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 08:01 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 08:01 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 08:01 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 08:01 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 08:01 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 08:01 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 08:01 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 08:01 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 08:01 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:01 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 08:01 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 08:01 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 08:01 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 08:01 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 08:01 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 08:01 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 08:01 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 08:01 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 08:01 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 08:01 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 08:01 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 08:01 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 08:01 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 08:01 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 08:01 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 08:01 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 08:01 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:01 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 08:01 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 08:00 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 08:00 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 08:00 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:00 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 08:00 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 07:56 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 07:56 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 07:56 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 07:56 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 07:56 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 07:56 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 07:56 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 07:56 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 07:56 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 07:56 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 07:56 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 07:56 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 07:56 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 07:56 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 20:42 - 2014-12-18 21:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 20:17 - 2014-12-08 20:17 - 00000000 ____D () C:\EE_TEST
2014-11-29 08:10 - 2014-11-29 08:10 - 00000000 ____D () C:\Users\RT\Documents\Diablo III
2014-11-21 14:29 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 14:29 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-21 14:29 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-21 14:29 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-21 22:58 - 2013-12-26 12:39 - 00411094 _____ () C:\Windows\system32\perfh011.dat
2014-12-21 22:58 - 2013-12-26 12:39 - 00392658 _____ () C:\Windows\system32\prfh0404.dat
2014-12-21 22:58 - 2013-12-26 12:39 - 00123006 _____ () C:\Windows\system32\perfc011.dat
2014-12-21 22:58 - 2013-12-26 12:39 - 00115996 _____ () C:\Windows\system32\prfc0404.dat
2014-12-21 22:58 - 2013-12-26 09:58 - 00375486 _____ () C:\Windows\system32\prfh0804.dat
2014-12-21 22:58 - 2013-12-26 09:58 - 00120498 _____ () C:\Windows\system32\prfc0804.dat
2014-12-21 22:58 - 2013-12-26 09:56 - 00422740 _____ () C:\Windows\system32\perfh012.dat
2014-12-21 22:58 - 2013-12-26 09:56 - 00121290 _____ () C:\Windows\system32\perfc012.dat
2014-12-21 22:58 - 2009-07-14 18:58 - 00701814 _____ () C:\Windows\system32\perfh007.dat
2014-12-21 22:58 - 2009-07-14 18:58 - 00150480 _____ () C:\Windows\system32\perfc007.dat
2014-12-21 22:58 - 2009-07-14 06:13 - 03709806 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-21 22:48 - 2014-06-15 08:50 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 18:56 - 2013-10-25 11:03 - 02059613 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 15:00 - 2014-06-15 08:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-21 13:40 - 2014-10-02 21:20 - 00000000 ____D () C:\Users\RT\AppData\Local\Battle.net
2014-12-21 10:09 - 2013-10-26 17:32 - 00000000 ____D () C:\Users\RT\AppData\Roaming\vlc
2014-12-21 08:59 - 2009-07-14 05:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 08:59 - 2009-07-14 05:45 - 00021904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 08:52 - 2014-08-22 23:06 - 00000000 ____D () C:\ProgramData\VMware
2014-12-21 08:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 08:52 - 2009-07-14 05:51 - 00071753 _____ () C:\Windows\setupact.log
2014-12-19 21:41 - 2014-10-18 16:23 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2014-12-19 18:03 - 2014-08-13 19:34 - 00077512 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwtp.sys
2014-12-19 17:51 - 2013-10-25 10:56 - 00055954 _____ () C:\Windows\PFRO.log
2014-12-19 17:30 - 2013-10-26 18:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-19 17:24 - 2014-08-31 00:18 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-12-18 22:20 - 2013-10-26 18:13 - 00000000 ____D () C:\Users\RT\AppData\Roaming\Skype
2014-12-13 19:03 - 2014-07-19 22:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 19:03 - 2013-10-26 18:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-11 22:37 - 2014-08-24 22:23 - 00000000 ____D () C:\Users\RT\AppData\Local\Adobe
2014-12-11 22:37 - 2013-10-26 16:21 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-11 22:37 - 2013-10-26 16:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 22:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 20:04 - 2014-10-02 21:20 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-10 08:34 - 2013-10-26 17:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 08:31 - 2014-04-29 01:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 08:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-12-10 08:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-12-10 08:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-12-10 08:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-12-10 08:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 08:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 08:25 - 2013-10-26 18:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 08:24 - 2013-10-25 11:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 08:22 - 2013-10-25 11:46 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 07:47 - 2013-10-26 15:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-07 09:06 - 2013-10-30 22:40 - 00000131 _____ () C:\Windows\ChssBase.ini
2014-12-07 08:40 - 2014-09-15 19:30 - 00000000 ____D () C:\Users\RT\AppData\Roaming\avidemux
2014-11-23 23:20 - 2013-10-28 15:10 - 00000000 ____D () C:\Users\RT\AppData\Roaming\DVDVideoSoft
2014-11-22 11:05 - 2013-12-10 16:42 - 00000000 ____D () C:\Users\RT\Desktop\Bewerbungen
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-15 05:53
Und das Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by RT at 2014-12-21 23:10:01
Running from L:\
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
“RocketTab” (HKLM-x32\...\RocketTab) (Version: - “RocketTab”)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
B010 (x32 Version: 140.0.344.000 - Hewlett-Packard) Hidden
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version: - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battle Worlds Kronos - Demo Version 1.1.0 (HKLM-x32\...\c71f977e-5c44-11e3-8548-00259002de12_is1) (Version: 1.1.0 - KING Art Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
CBReader (HKLM-x32\...\CBReader ) (Version: - ChessBase GmbH)
CCS64 V3.9.1 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
ChessBase Reader (HKLM-x32\...\{5CB9C9E4-6AA6-4A71-86A5-4C32781E70BD}) (Version: 12.28.0.0 - ChessBase)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: - )
Creative-Systeminformationen (HKLM-x32\...\SysInfo) (Version: - )
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
Destinations (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DMP Panzercorps Pazifik Korps Add-On v.2.0 (HKLM-x32\...\{88739372-C9C6-48CB-9012-F58D7B721EC2}_is1) (Version: - DMP)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVBViewer TERRATEC Edition (HKLM-x32\...\DVBViewer TERRATEC Edition_is1) (Version: - CM&V)
eMule (HKLM-x32\...\eMule) (Version: - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Fritz 8 SE Plus (HKLM-x32\...\{AF8244F5-FDD0-482D-B680-B1D16ABB96EB}) (Version: 8.0.0.3 - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart B010 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{81830FEF-866C-4DC0-9435-B6287B1EDD8A}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Magic 2014 (HKLM-x32\...\Steam App 213850) (Version: - Stainless Games)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (简体中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2052) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1(한국어) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1042) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MP4 To MP3 Converter V3.0.5 (HKLM-x32\...\MP4 To MP3 Converter_is1) (Version: - hxxp://www.MP4ToMP3Converter.net)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Panzer Corps (HKLM-x32\...\Panzer Corps1.00) (Version: 1.00 - Slitherine)
Panzer Corps Allied Corps (HKLM-x32\...\Panzer Corps Allied Corps1.20) (Version: 1.20 - Slitherine)
Panzer Corps Grand Campaign 45 West DLC10 (HKLM-x32\...\Panzer Corps Grand Campaign 45 WestDLC101.00) (Version: 1.13 - Slitherine)
Panzer General 2 WARZONE edition (HKLM-x32\...\Panzer General 2 WARZONE edition) (Version: DEC 2010 - Panzer General 2 WARZONE edition) <==== ATTENTION!
Panzer General Special Edition (HKLM-x32\...\Panzer General Special Edition_is1) (Version: - )
Panzer Tactics HD (HKLM-x32\...\Steam App 277630) (Version: - Sproing)
PanzerIIID 3D v2.5 (HKLM-x32\...\Panzer General 3D PL v2.5_is1) (Version: - )
Pfadfinder 2.0 (HKLM-x32\...\{F0AF5265-0E76-4AC0-AE45-ACA6428D5EDA}) (Version: 1.0.24 - Bildungshaus Schulbuchverlage GmbH, Braunschweig)
PS_AIO_07_B010_SW_Min (x32 Version: 140.0.224.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QJ2012 (HKLM-x32\...\QJ2012) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rund um (2.0) ... Klartext 8 (HKLM-x32\...\{B168D1DE-B97F-4876-8BD2-AAFF867B353D}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Rund um (2.0) ... Klartext 9 (HKLM-x32\...\{DD4A3C8C-00E2-455D-A3CF-0F127556A899}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.5 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.2.1 - Samsung Electronics)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
simplitec simplicheck (HKLM-x32\...\{328ADEEA-4B1D-4B37-87D5-E3718E1CDB01}) (Version: 1.2.6.0 - simplitec GmbH)
SiSoftware Sandra Lite 2013.SP6 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.66.2013.10 - SiSoftware)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Slick Savings (HKLM-x32\...\{3A787631-66A2-4634-B928-A37E73B58FB6}) (Version: 1.3 - Spigot, Inc.) <==== ATTENTION
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy (HKLM-x32\...\{1B1DDAD2-C704-49F8-8FC2-18DAAD9A87C5}) (Version: 1.0 - )
Spellforce 2: Gold Edition (HKLM-x32\...\Steam App 39550) (Version: - Phenomic)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
TERRATEC Cinergy T Stick+ (64 Bit) (HKLM-x32\...\{40F7933E-E265-474C-8994-4193BC4D1EBC}) (Version: 86.001.1129.2011 - TERRATEC)
The Book Of Unwritten Tales Version 1.02 (HKLM-x32\...\The Book Of Unwritten Tales_is1) (Version: 1.02 - Crimson Cow GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Whispered World (HKLM-x32\...\The Whispered World) (Version: 1.1 - Daedalic Entertainment)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version: - )
Tomb Raider: Legend 1.2 (HKLM-x32\...\Tomb Raider: Legend) (Version: - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
Video DVD Maker v3.30.0.75 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Server (HKLM-x32\...\{AF08C71F-F822-4416-87A9-2BBF5A8A5F12}) (Version: 2.0.0.2712 - VMware, Inc.)
War Thunder Launcher 1.0.1.302 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\Warcraft III) (Version: - )
WarZone Client v1.0.49 (HKLM-x32\...\WarZone Client v1.0.49) (Version: - )
WarZone Client version 1.0.56 (HKLM-x32\...\WarZone Client_is1) (Version: 1.0.56 - )
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WildBit Viewer (HKLM-x32\...\WildBit Viewer_is1) (Version: 6.0 - WildBit Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - TERRATEC (RTL2832U_IRHID) HIDClass (06/17/2010 8664.001.0617.2010) (HKLM\...\832E5A8CFCF883BE35B792BF10CCBA5C9AEC98BA) (Version: 06/17/2010 8664.001.0617.2010 - TERRATEC)
Windows-Treiberpaket - TERRATEC (RTL2832UUSB) MEDIA (08/02/2010 64.001.0802.2010) (HKLM\...\4CCE055897CD96DF140A4635E8FE9D7F91056439) (Version: 08/02/2010 64.001.0802.2010 - TERRATEC)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version: - MachineGames)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version: - Christian Taubenheim)
YaCy (HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\YaCy) (Version: - )
Yahoo Community Smartbar (HKLM-x32\...\{D7403121-68C2-48BC-874D-048015E60DF0}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKU\S-1-5-21-3627534514-1321322892-4046135115-1000\...\{bdf57817-132e-45e2-a475-6bcf91ed743d}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION
YTD Toolbar v10.5 (HKLM-x32\...\{47C0D955-1B32-40C7-977D-96E83109C2F8}) (Version: 10.5 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.8.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.4 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3627534514-1321322892-4046135115-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Restore Points =========================
16-12-2014 17:17:42 Windows Update
18-12-2014 14:33:11 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0D689D07-E4D9-4088-9246-606F574392B6} - System32\Tasks\{E31D68ED-10D4-4922-89FB-D38D8262DEFE} => pcalua.exe -a E:\monsetup.exe -d E:\
Task: {852F8DA5-BCB9-4457-9DA5-8155DAEF2EDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15] (Google Inc.)
Task: {86A7B0C9-7166-4805-BE0A-1DE3E9F8B1AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-15] (Google Inc.)
Task: {96B794EE-2853-499E-9884-A3A5936DEE80} - System32\Tasks\RocketTab => cmd.exe /C start "" "C:\Program Files (x86)\Search Extensions\Client.exe" /Preferred=true <==== ATTENTION
Task: {D031B217-2A7E-4B0B-B5F2-AE1158AF348D} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {E99D1C94-BAE1-4EE0-83A6-4B4E56981852} - System32\Tasks\{F67A6570-53C5-42DC-B9BD-B9DC1553EC9F} => Firefox.exe hxxp://ui.skype.com/ui/0/6.18.0.105/de/abandoninstall?source=lightinstaller&page=tsPlugin
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-10-25 12:09 - 2012-10-29 14:48 - 00927232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\atkexComSvc.exe
2014-03-07 23:11 - 2014-03-07 23:11 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-10-20 14:21 - 2009-10-20 14:21 - 00322096 _____ () C:\Program Files (x86)\VMware\VMware Server\vmware-hostd.exe
2014-10-18 16:23 - 2014-10-18 16:23 - 01425128 _____ () C:\Program Files (x86)\Search Extensions\Client.exe
2013-10-25 12:09 - 2014-12-21 08:52 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\PEbiosinterface32.dll
2013-10-25 12:09 - 2012-05-07 23:04 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.01\ATKEX.dll
2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\kpcengine.2.3.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00970288 _____ () C:\Program Files (x86)\VMware\VMware Server\libxml2.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00068656 _____ () C:\Program Files (x86)\VMware\VMware Server\zlib1.dll
2009-10-20 14:22 - 2009-10-20 14:22 - 17091120 _____ () C:\Program Files (x86)\VMware\VMware Server\types.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 05196336 _____ () C:\Program Files (x86)\VMware\VMware Server\platform.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 01100336 _____ () C:\Program Files (x86)\VMware\VMware Server\common.dll
2009-10-20 14:22 - 2009-10-20 14:22 - 02153008 _____ () C:\Program Files (x86)\VMware\VMware Server\hostsvc.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00318000 _____ () C:\Program Files (x86)\VMware\VMware Server\internalsvc.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00653872 _____ () C:\Program Files (x86)\VMware\VMware Server\nfcsvc.dll
2009-10-20 13:01 - 2009-10-20 13:01 - 00842288 _____ () C:\Program Files (x86)\VMware\VMware Server\libeay32.dll
2009-10-20 13:01 - 2009-10-20 13:01 - 00162352 _____ () C:\Program Files (x86)\VMware\VMware Server\ssleay32.dll
2009-10-20 14:22 - 2009-10-20 14:22 - 02894384 _____ () C:\Program Files (x86)\VMware\VMware Server\diskLibWrapper.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00178736 _____ () C:\Program Files (x86)\VMware\VMware Server\proxysvc.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00834096 _____ () C:\Program Files (x86)\VMware\VMware Server\solo.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00404016 _____ () C:\Program Files (x86)\VMware\VMware Server\statssvc.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 00096816 _____ () C:\Program Files (x86)\VMware\VMware Server\supportsvc.dll
2009-10-20 14:22 - 2009-10-20 14:22 - 00117296 _____ () C:\Program Files (x86)\VMware\VMware Server\vcsvc.dll
2009-10-20 14:22 - 2009-10-20 14:22 - 02767408 _____ () C:\Program Files (x86)\VMware\VMware Server\vimsvc.dll
2009-10-20 14:21 - 2009-10-20 14:21 - 02718256 _____ () C:\Program Files (x86)\VMware\VMware Server\vmsvc.dll
2013-10-26 18:08 - 2013-03-12 12:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-10-27 09:07 - 1996-05-03 23:05 - 00028672 _____ () C:\Windows\SysWOW64\MSGHOO32.OCX
2014-12-21 22:56 - 2014-12-21 22:50 - 27806772 _____ () L:\detekt.exe
2014-12-21 22:58 - 2014-12-21 22:58 - 01689088 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\PyQt4.QtCore.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00077824 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\sip.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00324608 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\PIL._imaging.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00715264 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\_hashlib.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00098816 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\win32api.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00110080 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\pywintypes27.dll
2014-12-21 22:58 - 2014-12-21 22:58 - 00364544 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\pythoncom27.dll
2014-12-21 22:58 - 2014-12-21 22:58 - 05940224 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\PyQt4.QtGui.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00325120 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\PyQt4.QtWebKit.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00502784 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\PyQt4.QtNetwork.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00046080 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\_socket.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 01160704 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\_ssl.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00686080 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\unicodedata.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00087552 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\_ctypes.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00152576 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\yara.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00320512 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\win32com.shell.shell.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00042496 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\win32service.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00010240 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\select.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00096256 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\distorm3.dll
2014-12-21 22:58 - 2014-12-21 22:58 - 00119808 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\win32file.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00128512 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\_elementtree.pyd
2014-12-21 22:58 - 2014-12-21 22:58 - 00127488 _____ () C:\Users\RT\AppData\Local\Temp\_MEI51722\pyexpat.pyd
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPointII.lnk => C:\Windows\pss\SetPointII.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^RT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupfolder: C:^Users^RT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupfolder: C:^Users^RT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk => C:\Windows\pss\simplicheck.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: ctfmon.exe => "C:\Windows\system32\ctfmon.exe"
MSCONFIG\startupreg: CTSysVol => C:\Program Files (x86)\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart /min
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MSN Toolbar => "C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
MSCONFIG\startupreg: P17RunE => RunDll32 P17RunE.dll,RunDLLEntry
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Slick Savings => "C:\Users\RT\AppData\Roaming\Slick Savings\CouponsHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-3627534514-1321322892-4046135115-500 - Administrator - Disabled)
Gast (S-1-5-21-3627534514-1321322892-4046135115-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3627534514-1321322892-4046135115-1002 - Limited - Enabled)
RT (S-1-5-21-3627534514-1321322892-4046135115-1000 - Administrator - Enabled) => C:\Users\RT
__vmware_user__ (S-1-5-21-3627534514-1321322892-4046135115-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/21/2014 10:58:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (10/29/2014 10:17:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005. Prozess-ID (dezimal): 5368. Meldungs-ID: [0x2509].
Error: (10/02/2014 01:30:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.20.0.104, Zeitstempel: 0x53fd9215
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x118c
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (09/18/2014 08:20:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Name des fehlerhaften Moduls: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00010d47
ID des fehlerhaften Prozesses: 0x9ec
Startzeit der fehlerhaften Anwendung: 0xPG3DE250.exe0
Pfad der fehlerhaften Anwendung: PG3DE250.exe1
Pfad des fehlerhaften Moduls: PG3DE250.exe2
Berichtskennung: PG3DE250.exe3
Error: (09/18/2014 08:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Name des fehlerhaften Moduls: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007a183
ID des fehlerhaften Prozesses: 0x11d8
Startzeit der fehlerhaften Anwendung: 0xPG3DE250.exe0
Pfad der fehlerhaften Anwendung: PG3DE250.exe1
Pfad des fehlerhaften Moduls: PG3DE250.exe2
Berichtskennung: PG3DE250.exe3
Error: (09/18/2014 08:20:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Name des fehlerhaften Moduls: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007a183
ID des fehlerhaften Prozesses: 0x1758
Startzeit der fehlerhaften Anwendung: 0xPG3DE250.exe0
Pfad der fehlerhaften Anwendung: PG3DE250.exe1
Pfad des fehlerhaften Moduls: PG3DE250.exe2
Berichtskennung: PG3DE250.exe3
Error: (09/18/2014 08:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Name des fehlerhaften Moduls: PG3DE250.exe, Version: 1.0.1.3, Zeitstempel: 0x51d05512
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0007a183
ID des fehlerhaften Prozesses: 0x2e8
Startzeit der fehlerhaften Anwendung: 0xPG3DE250.exe0
Pfad der fehlerhaften Anwendung: PG3DE250.exe1
Pfad des fehlerhaften Moduls: PG3DE250.exe2
Berichtskennung: PG3DE250.exe3
Error: (09/15/2014 10:34:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Assistant_UninstallOldPerUser.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.IOException
Stapel:
bei System.IO.__Error.WinIOError(Int32, System.String)
bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)
bei System.IO.StreamWriter..ctor(System.String, Boolean)
bei MP.Assistant.UninstallOldPerUser.Form1..ctor()
bei MP.Assistant.UninstallOldPerUser.Program.Main()
Error: (09/15/2014 07:04:02 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: HR-PC)
Description: Die Anwendung oder der Dienst "Movie Maker" konnte nicht heruntergefahren werden.
Error: (09/15/2014 01:34:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 32.0.1.5367, Zeitstempel: 0x541259dd
Name des fehlerhaften Moduls: mozalloc.dll, Version: 32.0.1.5367, Zeitstempel: 0x541225d2
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xa98
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
System errors:
=============
Error: (12/21/2014 08:52:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (12/20/2014 08:35:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (12/19/2014 09:41:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (12/19/2014 09:41:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
KLIM6
Error: (12/19/2014 09:41:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.12.2014 um 21:40:14 unerwartet heruntergefahren.
Error: (12/19/2014 06:14:48 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established
Error: (12/19/2014 06:14:48 PM) (Source: KLIF) (EventID: 0) (User: )
Description: Ñonnection is not established
Error: (12/19/2014 06:14:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Kaspersky Anti-Virus NDIS 6 Filter" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (12/19/2014 05:51:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}{BC50CF2A-E12C-4F18-90CE-714CC8600CEE}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (12/19/2014 05:25:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WMI-Leistungsadapter" wurde mit folgendem Fehler beendet:
%%-2147467259
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-05-24 08:35:57.369
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 08:35:57.368
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 08:35:57.367
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 08:35:57.365
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 08:35:57.364
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 08:35:57.363
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-23 07:32:59.174
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-23 07:32:59.174
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-23 07:32:59.174
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-23 07:32:59.158
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4430 CPU @ 3.00GHz
Percentage of memory in use: 34%
Total physical RAM: 8131.42 MB
Available physical RAM: 5303.81 MB
Total Pagefile: 16261.02 MB
Available Pagefile: 14011.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:119.14 GB) (Free:23.02 GB) NTFS
Drive d: (Daten) (Fixed) (Total:931.51 GB) (Free:440.58 GB) NTFS
Drive f: (Fritztrainer) (CDROM) (Total:2.85 GB) (Free:0 GB) UDF
Drive g: (Fritztrainer) (CDROM) (Total:2.77 GB) (Free:0 GB) UDF
Drive h: (Fritztrainer) (CDROM) (Total:1.8 GB) (Free:0 GB) UDF
Drive i: (Fritztrainer) (CDROM) (Total:1.75 GB) (Free:0 GB) UDF
Drive l: (NEU) (Removable) (Total:14.99 GB) (Free:9.55 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 2642D918)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CAEBA963)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 6E652072)
No partition Table on disk 2.
==================== End Of Log ============================
--- --- ---
--- --- ---
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
AdwCleaner auf deinen Desktop.
TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Malwarebytes Anti-Malware 
dann auf 
und dann auf 
. 
