| |
| |||||||
Log-Analyse und Auswertung: Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
05.07.2014, 18:58
| #1 |
 |  Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Hallo, ein plötzlich auftretendes Problem zieht mich mal wieder hierher. Und zwar ist es so, dass auf einmal Seiten wie die Google Suche/Maps, Facebook und Youtube nicht mehr richtig bzw. nur teilweise geladen werden. Internetverbindung ist Ok. Mein Laptop hat diese Probleme nicht. Andere Internetseiten auf den ich sonst verkehre, zeigen auch kein solches Verhalten. Auch ein Browserwechsel hat nichts gebracht. Lediglich funktionierte Avast Antivirus nicht mehr richtig worauf ich es dann deinstalliert habe und Antivir installiert habe. Avast wurde zwar gestartet und vom System scheinbar ausgeführt, aber ich konnte nicht mehr auf das Programm zugreifen oder es steuern. Hier die Logs: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:36 on 05/07/2014 (Infar)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Infar (administrator) on ASUSI5 on 05-07-2014 19:38:19 Running from C:\Users\Infar\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbirt\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Users\Infar\Desktop\Tor Browser\Browser\firefox.exe () C:\Users\Infar\Desktop\Tor Browser\Tor\tor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor) HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [1783296 2006-07-23] (Logitech Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-06-17] (Avira Operations GmbH & Co. KG) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEBFBA7B13BE9CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default FF Homepage: about:home FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: German Dictionary - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] FF Extension: Ghostery - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\firefox@ghostery.com.xpi [2013-08-03] FF Extension: NoScript - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-25] FF Extension: Adblock Plus - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25] CHR Extension: (Google Drive) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25] CHR Extension: (YouTube) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25] CHR Extension: (Google-Suche) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25] CHR Extension: (Google Wallet) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-06-25] CHR Extension: (Google Mail) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-29] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-17] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-14] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-17] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-20] (DT Soft Ltd) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-05] (Malwarebytes Corporation) S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) [File not signed] S3 usbser64; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation) S3 catchme; \??\C:\cofi\catchme.sys [X] S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X] S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X] S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-05 19:38 - 2014-07-05 19:38 - 00012127 _____ () C:\Users\Infar\Desktop\FRST.txt 2014-07-05 19:38 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST 2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00380416 _____ () C:\Users\Infar\Downloads\4v6e52ng.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable 2014-07-05 19:35 - 2014-07-05 19:35 - 00050477 _____ () C:\Users\Infar\Downloads\Defogger.exe 2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser 2014-07-02 17:48 - 2014-07-02 17:50 - 27437354 _____ () C:\Users\Infar\Downloads\torbrowser-install-3.6.2_de.exe 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios 2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk 2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle 2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url 2014-07-01 16:48 - 2014-07-05 17:07 - 00000280 _____ () C:\Windows\setupact.log 2014-07-01 16:48 - 2014-07-01 16:48 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-26 11:44 - 2014-06-26 11:44 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-25 22:01 - 2014-06-25 22:01 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-25 21:59 - 2014-06-17 16:25 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-25 21:59 - 2014-06-17 16:25 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-25 21:59 - 2014-06-17 16:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-25 21:42 - 2014-07-05 19:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-25 21:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-25 21:41 - 2014-07-05 18:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-25 21:41 - 2014-07-05 17:08 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-25 21:41 - 2014-06-26 02:46 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-25 21:41 - 2014-06-26 02:46 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-25 21:41 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google 2014-06-25 21:41 - 2014-06-25 21:41 - 40514640 _____ (Google Inc.) C:\Users\Infar\Downloads\ChromeStandaloneSetup_35.0.1916.153.exe 2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-25 20:25 - 2014-06-25 20:30 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa 2014-06-17 11:59 - 2014-06-17 12:01 - 00000000 ____D () C:\Users\Infar\Documents\Sony PMB 2014-06-17 11:58 - 2014-06-25 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-06-17 11:54 - 2014-06-25 21:35 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation 2014-06-17 11:44 - 2014-06-25 21:33 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url 2014-06-14 00:45 - 2014-06-14 00:46 - 00000000 ____D () C:\Users\Infar\Documents\BFH.Beta 2014-06-12 09:13 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 09:13 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-12 09:13 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 09:13 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 09:13 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 09:13 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 09:13 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 09:13 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 09:13 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 09:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 09:13 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 09:13 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 09:13 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 09:13 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 09:13 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 09:13 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 09:13 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 09:13 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 09:13 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 09:13 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 09:13 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 09:13 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 09:13 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 09:13 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 09:13 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 09:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 09:13 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 09:13 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 09:13 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 09:13 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 09:13 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 09:13 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 09:13 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 09:13 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 09:13 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 09:13 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 09:13 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 09:13 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 09:13 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 09:13 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 09:13 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 09:13 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 09:13 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 09:13 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 09:13 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 09:13 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 09:13 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 09:13 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 09:13 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 09:13 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 09:13 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 09:13 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 09:13 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 09:13 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 09:13 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 09:13 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 09:13 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 09:13 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 09:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 09:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 09:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 09:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-09 14:55 - 2014-07-01 17:29 - 00001056 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt 2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast ==================== One Month Modified Files and Folders ======= 2014-07-05 19:38 - 2014-07-05 19:38 - 00012127 _____ () C:\Users\Infar\Desktop\FRST.txt 2014-07-05 19:38 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST 2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00380416 _____ () C:\Users\Infar\Downloads\4v6e52ng.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable 2014-07-05 19:36 - 2011-01-20 19:03 - 00000000 ____D () C:\Users\Infar 2014-07-05 19:35 - 2014-07-05 19:35 - 00050477 _____ () C:\Users\Infar\Downloads\Defogger.exe 2014-07-05 19:30 - 2014-06-25 21:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-05 18:55 - 2013-09-12 17:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-05 18:51 - 2014-06-25 21:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-05 17:46 - 2011-07-14 15:03 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\TS3Client 2014-07-05 17:16 - 2012-05-08 21:01 - 01710122 _____ () C:\Windows\WindowsUpdate.log 2014-07-05 17:16 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-05 17:16 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-05 17:15 - 2011-01-21 19:21 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E32FF8B6-3DA1-40CE-9FEC-BE9BD0085B0F} 2014-07-05 17:10 - 2012-10-10 18:29 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-05 17:08 - 2014-06-25 21:41 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-05 17:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-05 17:07 - 2014-07-01 16:48 - 00000280 _____ () C:\Windows\setupact.log 2014-07-03 17:59 - 2012-09-18 18:31 - 00000000 ____D () C:\ProgramData\Origin 2014-07-03 17:41 - 2013-03-06 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-07-03 17:02 - 2012-10-28 11:57 - 00000000 ____D () C:\Users\Infar\AppData\Local\Canon Easy-PhotoPrint EX 2014-07-03 17:02 - 2012-10-28 11:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-03 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser 2014-07-02 20:21 - 2012-08-07 21:49 - 00000000 ____D () C:\Users\Infar\AppData\Local\CrashDumps 2014-07-02 17:50 - 2014-07-02 17:48 - 27437354 _____ () C:\Users\Infar\Downloads\torbrowser-install-3.6.2_de.exe 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios 2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk 2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle 2014-07-01 19:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-01 19:13 - 2013-03-06 16:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url 2014-07-01 19:02 - 2012-10-10 18:35 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-07-01 17:29 - 2014-06-09 14:55 - 00001056 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt 2014-07-01 16:48 - 2014-07-01 16:48 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-30 17:51 - 2014-05-25 13:26 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Tropico 5 2014-06-29 13:43 - 2011-07-14 15:00 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-26 11:44 - 2014-06-26 11:44 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-26 11:40 - 2012-12-13 17:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\vlc 2014-06-26 02:46 - 2014-06-25 21:41 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-26 02:46 - 2014-06-25 21:41 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-25 22:01 - 2014-06-25 22:01 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\ProgramData\Avira 2014-06-25 21:59 - 2014-06-25 21:59 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:41 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google 2014-06-25 21:42 - 2012-01-15 19:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-25 21:42 - 2011-05-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-25 21:42 - 2011-05-15 19:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Malwarebytes 2014-06-25 21:41 - 2014-06-25 21:41 - 40514640 _____ (Google Inc.) C:\Users\Infar\Downloads\ChromeStandaloneSetup_35.0.1916.153.exe 2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-25 21:41 - 2011-05-22 09:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-06-25 21:35 - 2014-06-17 11:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-06-25 21:35 - 2014-06-17 11:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-06-25 21:33 - 2014-06-17 11:44 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-06-25 21:32 - 2012-04-23 21:28 - 00000000 ____D () C:\Windows\pss 2014-06-25 21:10 - 2014-04-22 16:23 - 00000000 ____D () C:\Users\Infar\Desktop\qp33 2014-06-25 20:30 - 2014-06-25 20:25 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa 2014-06-17 16:25 - 2014-06-25 21:59 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-06-17 16:25 - 2014-06-25 21:59 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-06-17 16:25 - 2014-06-25 21:59 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-06-17 12:03 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-06-17 12:03 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-06-17 12:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-17 12:01 - 2014-06-17 11:59 - 00000000 ____D () C:\Users\Infar\Documents\Sony PMB 2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation 2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url 2014-06-16 10:03 - 2013-09-12 17:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-06-16 10:03 - 2012-12-23 13:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-16 10:03 - 2012-12-23 13:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-14 00:46 - 2014-06-14 00:45 - 00000000 ____D () C:\Users\Infar\Documents\BFH.Beta 2014-06-14 00:44 - 2013-11-05 19:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-14 00:06 - 2013-04-27 13:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-14 00:06 - 2011-10-29 14:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-12 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 13:13 - 2011-01-20 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 11:56 - 2013-08-14 20:40 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 11:55 - 2011-02-25 21:45 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 11:53 - 2014-04-30 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-12 09:08 - 2011-11-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbirt 2014-06-08 11:13 - 2014-06-12 09:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-12 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast 2014-06-07 09:36 - 2013-10-25 21:11 - 00000000 ____D () C:\Users\Infar\AppData\Local\Battle.net 2014-06-07 09:30 - 2013-10-25 21:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-07 08:57 - 2014-03-21 20:59 - 00000000 ____D () C:\Users\Infar\Documents\NCSOFT 2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Users\Infar\AppData\Local\NCSOFT 2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Program Files (x86)\NCSOFT Some content of TEMP: ==================== C:\Users\Infar\AppData\Local\Temp\avgnt.exe C:\Users\Infar\AppData\Local\Temp\Gw2.exe C:\Users\Infar\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Infar\AppData\Local\Temp\raptrpatch.exe C:\Users\Infar\AppData\Local\Temp\raptr_stub.exe C:\Users\Infar\AppData\Local\Temp\sonarinst.exe C:\Users\Infar\AppData\Local\Temp\Uninstall.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-29 18:15 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Infar at 2014-07-05 19:38:52
Running from C:\Users\Infar\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.02 - Piriform)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
FlashFXP (x32 Version: 4.3.0.1904 - OpenSight Software LLC) Hidden
FlashFXP 4.3.0.1904 (HKLM-x32\...\FlashFXP 4.3.0.1904) (Version: 4.3.0.1904 - OpenSight Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt))
Logitech G11 Keyboard Software 1.03 (HKLM\...\{59427B1F-852F-4AF1-8215-E5B12F966D89}) (Version: 1.3.166.0 - Logitech)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 1.9 - Krzysztof Kowalczyk)
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Tropico 5 - Steam Special Edition (HKLM-x32\...\{96C8FF19-C95E-44A7-A238-95692578538F}_is1) (Version: 1.1.0 - Kalypso)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
03-07-2014 16:51:32 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-17 11:17 - 2013-08-17 11:18 - 00000025 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {01F12F72-6552-4D69-862E-DA9856A19B8D} - System32\Tasks\9625c7e0 => C:\Users\Infar\AppData\Local\Temp\\setup1280905984.exe <==== ATTENTION
Task: {1E68A066-1766-4FA5-919C-C2095E778786} - System32\Tasks\fc55d6c0 => C:\Users\Infar\AppData\Local\Temp\\setup3322390240.exe <==== ATTENTION
Task: {26F9F759-4111-4C6A-A465-B373BFAC0D8E} - System32\Tasks\c20c4a00 => C:\Users\Infar\AppData\Local\Temp\\setup3092055936.exe <==== ATTENTION
Task: {29542135-9888-456F-85A9-BD6F10514AEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-16] (Adobe Systems Incorporated)
Task: {33489E1B-29BA-4FD3-8AB0-244B576A1C27} - System32\Tasks\e52f9740 => C:\Users\Infar\AppData\Local\Temp\\setup3004092320.exe <==== ATTENTION
Task: {362E9211-A2DE-4FC9-887B-8106CAD0461A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {3AFE7A13-A293-4F31-BBC3-0B00EDB8CD40} - System32\Tasks\68b11ec0 => C:\Users\Infar\AppData\Local\Temp\\setup1546186528.exe <==== ATTENTION
Task: {3F0D9AED-91CE-48AB-B909-414F9B1B1CE7} - System32\Tasks\59cfc740 => C:\Users\Infar\AppData\Local\Temp\\setup1273175168.exe <==== ATTENTION
Task: {69305CED-2633-4C7B-87E8-F73C9BD09A96} - System32\Tasks\b95ef480 => C:\Users\Infar\AppData\Local\Temp\\setup2152194208.exe <==== ATTENTION
Task: {6CB6A6E2-2D44-4F76-9874-5792760B6749} - System32\Tasks\385c8bc0 => C:\Users\Infar\AppData\Local\Temp\\setup455001152.exe <==== ATTENTION
Task: {7ABA8DD1-B35C-4A36-A46B-83182D0559A2} - System32\Tasks\64adbf40 => C:\Users\Infar\AppData\Local\Temp\\setup778016896.exe <==== ATTENTION
Task: {83416F08-FBA6-4917-A50F-7F0CDB5A5B52} - System32\Tasks\a1945f00 => C:\Users\Infar\AppData\Local\Temp\\setup2477241408.exe <==== ATTENTION
Task: {8FA7EF5C-C4A9-410C-B456-5AA48DD63459} - System32\Tasks\c9a238a0 => C:\Users\Infar\AppData\Local\Temp\\setup2144701664.exe <==== ATTENTION
Task: {9F8CC47E-3CDE-4A21-8807-24CB510743B2} - System32\Tasks\{F2C16F8C-53CC-49B0-8DE3-102A0D9D93E3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {BB79EA4E-B064-406B-B5A2-FDC59666FA9E} - System32\Tasks\d77f9220 => C:\Users\Infar\AppData\Local\Temp\\setup2727730528.exe <==== ATTENTION
Task: {C960F8EE-304C-42FA-947B-BAAF38459912} - System32\Tasks\7a727260 => C:\Users\Infar\AppData\Local\Temp\\setup3522564512.exe <==== ATTENTION
Task: {DBABEAFE-6462-4ACC-8676-38C0172AC15B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {E3B4099A-63F1-4DCE-8DD2-56F24013BAC5} - System32\Tasks\10a885c0 => C:\Users\Infar\AppData\Local\Temp\\setup3733440320.exe <==== ATTENTION
Task: {EAC93F13-0F1A-4517-8B9D-C14AE012A115} - System32\Tasks\1b3cb880 => C:\Users\Infar\AppData\Local\Temp\\setup3934284800.exe <==== ATTENTION
Task: {F495F307-1CD7-41F3-8ED8-91BF0695AE21} - System32\Tasks\473b5de0 => C:\Users\Infar\AppData\Local\Temp\\setup400786272.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-10-28 11:51 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-10-29 14:42 - 2014-06-14 00:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-01-22 20:17 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-10-29 12:08 - 2014-06-29 13:43 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 12:08 - 2014-06-29 13:43 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-10-29 12:08 - 2014-06-29 13:43 - 00563144 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-11 16:16 - 2014-06-29 13:43 - 00577480 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-05-01 20:43 - 2014-05-01 20:43 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2010-12-22 05:39 - 2010-12-22 05:39 - 00028672 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 02138112 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\tor.exe
2011-11-18 21:44 - 2014-06-12 09:08 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbirt\mozjs.dll
2011-11-18 21:44 - 2014-06-12 09:08 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbirt\NSLDAP32V60.dll
2011-11-18 21:44 - 2014-06-12 09:08 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbirt\NSLDAPPR32V60.dll
2012-01-21 10:01 - 2014-06-12 13:13 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-23 12:56 - 2014-05-31 03:27 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-27 12:33 - 2014-05-31 03:27 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-23 12:56 - 2014-05-31 03:27 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 20:54 - 2014-05-31 03:27 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 12:56 - 2014-06-30 23:47 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-23 12:56 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2012-10-10 18:30 - 2014-06-30 23:46 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-10-10 18:30 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-10-10 18:30 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-10-10 18:30 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-10-10 18:30 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-16 10:03 - 2014-06-16 10:03 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 04541454 _____ () C:\Users\Infar\Desktop\Tor Browser\Browser\mozjs.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00510788 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00090112 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\zlib1.dll
2000-01-01 02:00 - 2000-01-01 02:00 - 00104451 _____ () C:\Users\Infar\Desktop\Tor Browser\Tor\libssp-0.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssSrv => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^avast! Free Antivirus.lnk => C:\Windows\pss\avast! Free Antivirus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Infar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe
MSCONFIG\startupreg: UPI11_COM => Regsvr32.exe /s "C:\Program Files (x86)\Ulead Systems\Ulead PhotoImpact 12\upiExtractImage.dll"
==================== Faulty Device Manager Devices =============
Name: ASUS Bluetooth
Description: ASUS Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2014 08:21:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 30.0.0.5269 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c30
Startzeit: 01cf9602a72beb16
Endzeit: 52
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: a7178148-0215-11e4-82ac-bcaec5ab10ea
Error: (07/02/2014 08:21:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x106c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/02/2014 08:16:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EoCApp.exe, Version: 1.0.41.0, Zeitstempel: 0x53b2e333
Name des fehlerhaften Moduls: EoCApp.exe, Version: 1.0.41.0, Zeitstempel: 0x53b2e333
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0056714c
ID des fehlerhaften Prozesses: 0x650
Startzeit der fehlerhaften Anwendung: 0xEoCApp.exe0
Pfad der fehlerhaften Anwendung: EoCApp.exe1
Pfad des fehlerhaften Moduls: EoCApp.exe2
Berichtskennung: EoCApp.exe3
Error: (06/24/2014 05:55:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0xf68
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (06/24/2014 05:53:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x13ec
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (06/24/2014 05:51:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x3b8
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (06/24/2014 05:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0xd24
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (06/24/2014 05:25:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x688
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (06/24/2014 05:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0xb80
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
Error: (06/24/2014 05:20:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpfService64.exe, Version: 1.3.0.9090, Zeitstempel: 0x4e684dec
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057c3c
ID des fehlerhaften Prozesses: 0x13c8
Startzeit der fehlerhaften Anwendung: 0xSpfService64.exe0
Pfad der fehlerhaften Anwendung: SpfService64.exe1
Pfad des fehlerhaften Moduls: SpfService64.exe2
Berichtskennung: SpfService64.exe3
System errors:
=============
Error: (07/03/2014 06:48:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (07/03/2014 04:20:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (07/03/2014 04:20:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (06/26/2014 01:35:36 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (06/24/2014 05:55:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 13 Mal passiert.
Error: (06/24/2014 05:53:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 12 Mal passiert.
Error: (06/24/2014 05:51:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 11 Mal passiert.
Error: (06/24/2014 05:32:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 10 Mal passiert.
Error: (06/24/2014 05:25:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 9 Mal passiert.
Error: (06/24/2014 05:23:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VAIO Entertainment Common Service" wurde unerwartet beendet. Dies ist bereits 8 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (07/02/2014 08:21:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe30.0.0.5269c3001cf9602a72beb1652C:\Program Files (x86)\Mozilla Firefox\firefox.exea7178148-0215-11e4-82ac-bcaec5ab10ea
Error: (07/02/2014 08:21:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b106c01cf9616f9215498C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb0c0f18e-0215-11e4-82ac-bcaec5ab10ea
Error: (07/02/2014 08:16:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: EoCApp.exe1.0.41.053b2e333EoCApp.exe1.0.41.053b2e333c00000050056714c65001cf960d47d2c68dC:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exeC:\Program Files (x86)\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exefae8992b-0214-11e4-82ac-bcaec5ab10ea
Error: (06/24/2014 05:55:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3cf6801cf8fc47e8b6f7bC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dlle51a2ef4-fbb7-11e3-9eba-bcaec5ab10ea
Error: (06/24/2014 05:53:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c13ec01cf8fc43e11363bC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dllbbfa3ccd-fbb7-11e3-9eba-bcaec5ab10ea
Error: (06/24/2014 05:51:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c3b801cf8fc19f079182C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dll69b1f3ef-fbb7-11e3-9eba-bcaec5ab10ea
Error: (06/24/2014 05:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3cd2401cf8fc09a3f287aC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dllcaa14a3b-fbb4-11e3-9eba-bcaec5ab10ea
Error: (06/24/2014 05:25:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c68801cf8fc05d0e0c0aC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dllc5e627d5-fbb3-11e3-9eba-bcaec5ab10ea
Error: (06/24/2014 05:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3cb8001cf8fbfee2d3eabC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dll88b02953-fbb3-11e3-9eba-bcaec5ab10ea
Error: (06/24/2014 05:20:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpfService64.exe1.3.0.90904e684decntdll.dll6.1.7601.18247521eaf24c00000050000000000057c3c13c801cf8fbee5834727C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exeC:\Windows\SYSTEM32\ntdll.dll19cfaa15-fbb3-11e3-9eba-bcaec5ab10ea
CodeIntegrity Errors:
===================================
Date: 2011-05-17 15:54:55.671
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cofi\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-05-17 15:54:55.656
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cofi\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 8168.77 MB
Available physical RAM: 5448.07 MB
Total Pagefile: 16335.72 MB
Available Pagefile: 13051.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:667.55 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 48605CD9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-05 19:56:19
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31000528AS rev.CC38 931,51GB
Running: 4v6e52ng.exe; Driver: C:\Users\Infar\AppData\Local\Temp\pfldrpoc.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800035b4000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff800035b402f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b41465 2 bytes [B4, 76]
.text C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE[1696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b414bb 2 bytes [B4, 76]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000727e1a22 2 bytes [7E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000727e1ad0 2 bytes [7E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000727e1b08 2 bytes [7E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000727e1bba 2 bytes [7E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000727e1bda 2 bytes [7E, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076b41465 2 bytes [B4, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1756] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000076b414bb 2 bytes [B4, 76]
.text ... * 2
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002683112bd2
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002683112bd2 (not active ControlSet)
Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Program Files (x86)\Wizards of the Coast\Magic 2014 \x2014 Duels of the Planeswalkers\Uninstall\unins000.exe 1
---- EOF - GMER 2.1 ----
Der Addition.txt scheint ja doch etwas auffälliges zu beinhalten. Gruß Infar |
|
05.07.2014, 19:08
| #2 |
| /// the machine /// TB-Ausbilder    | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. hi,
__________________Scan mit Combofix
__________________ |
|
06.07.2014, 08:36
| #3 |
| | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Hallo schrauber, danke für die Hilfe.
__________________Antivir kann ich nicht abschalten  Scheinbar keine ausreichende Berechtigung (bin als Admin angemeldet). Prozess lässt sich auch nicht beenden: Zugriff verweigertCombofix lässt sich daher auch nicht ausführen Hallo, konnte Anivir deinstallieren und Combofix ausführen. Hier der Logfile: Code:
ATTFilter ComboFix 14-07-03.01 - Infar 05.07.2014 20:31:18.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8169.6772 [GMT 2:00]
ausgeführt von:: c:\users\Infar\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Java\jre7\bin\jp2ssv.dll
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-05 bis 2014-07-05 ))))))))))))))))))))))))))))))
.
.
2014-07-05 18:38 . 2014-07-05 18:38 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-07-05 18:38 . 2014-07-05 18:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-05 17:38 . 2014-07-05 17:39 -------- d-----w- C:\FRST
2014-07-01 17:15 . 2014-07-01 17:15 -------- d-----w- c:\programdata\PopCap Games
2014-06-25 19:42 . 2014-07-05 17:30 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-25 19:42 . 2014-06-25 19:42 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-06-25 19:42 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-25 19:42 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-25 19:41 . 2014-06-25 19:41 -------- d-----w- c:\program files (x86)\Google
2014-06-25 19:41 . 2014-06-25 19:42 -------- d-----w- c:\users\Infar\AppData\Local\Google
2014-06-24 09:27 . 2014-06-05 10:54 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE2D7AB6-2443-4386-9110-EF12B5833B64}\mpengine.dll
2014-06-17 09:54 . 2014-06-25 19:35 -------- d-----w- c:\program files\Common Files\Sony Shared
2014-06-17 09:53 . 2014-06-25 19:35 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared
2014-06-17 09:50 . 2014-06-17 09:50 -------- d-----w- c:\users\Infar\AppData\Roaming\Sony Corporation
2014-06-17 09:44 . 2014-06-25 19:33 -------- d-----w- c:\programdata\Sony Corporation
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-16 08:03 . 2012-12-23 11:35 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-16 08:03 . 2012-12-23 11:35 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-13 22:06 . 2011-10-29 12:42 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-06-13 22:06 . 2011-10-29 12:42 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-13 22:06 . 2011-10-29 12:42 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-06-12 09:55 . 2011-02-25 19:45 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-12 05:25 . 2011-05-15 17:57 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-18 02:43 . 2014-04-18 02:43 127872 ----a-w- c:\windows\system32\amdhcp64.dll
2014-04-18 02:43 . 2014-04-18 02:43 78432 ----a-w- c:\windows\system32\atimpc64.dll
2014-04-18 02:43 . 2014-04-18 02:43 78432 ----a-w- c:\windows\system32\amdpcom64.dll
2014-04-18 02:43 . 2014-04-18 02:43 117560 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\SysWow64\atimpc32.dll
2014-04-18 02:43 . 2014-04-18 02:43 71704 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2014-04-18 02:43 . 2012-12-19 19:31 143304 ----a-w- c:\windows\system32\atiuxp64.dll
2014-04-18 02:42 . 2014-04-18 02:42 126336 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-04-18 02:42 . 2014-04-18 02:42 117584 ----a-w- c:\windows\system32\atiu9p64.dll
2014-04-18 02:42 . 2014-04-18 02:42 99520 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-04-18 02:42 . 2012-12-19 20:08 1343272 ----a-w- c:\windows\system32\aticfx64.dll
2014-04-18 02:42 . 2014-04-18 02:42 1117184 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-04-18 02:42 . 2012-12-19 19:49 10335208 ----a-w- c:\windows\system32\atidxx64.dll
2014-04-18 02:42 . 2014-04-18 02:42 8866928 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-04-18 02:42 . 2014-04-18 02:42 6796592 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-04-18 02:42 . 2014-04-18 02:42 6799688 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-04-18 02:42 . 2014-04-18 02:42 7520200 ----a-w- c:\windows\system32\atiumd6a.dll
2014-04-18 02:42 . 2014-04-18 02:42 8010968 ----a-w- c:\windows\system32\atiumd64.dll
2014-04-18 02:39 . 2014-04-18 02:39 274656 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2014-04-18 02:36 . 2014-04-18 02:36 15376384 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2014-04-18 02:23 . 2014-04-18 02:23 231424 ----a-w- c:\windows\system32\clinfo.exe
2014-04-18 02:22 . 2014-04-18 02:22 98816 ----a-w- c:\windows\system32\OpenVideo64.dll
2014-04-18 02:22 . 2014-04-18 02:22 83456 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2014-04-18 02:22 . 2014-04-18 02:22 86528 ----a-w- c:\windows\system32\OVDecode64.dll
2014-04-18 02:22 . 2014-04-18 02:22 73216 ----a-w- c:\windows\SysWow64\OVDecode.dll
2014-04-18 02:22 . 2014-04-18 02:22 28685824 ----a-w- c:\windows\system32\amdocl64.dll
2014-04-18 02:19 . 2014-04-18 02:19 24107520 ----a-w- c:\windows\SysWow64\amdocl.dll
2014-04-18 02:17 . 2014-04-18 02:17 65024 ----a-w- c:\windows\system32\OpenCL.dll
2014-04-18 02:17 . 2014-04-18 02:17 58880 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-04-18 02:13 . 2014-04-18 02:13 127488 ----a-w- c:\windows\system32\mantle64.dll
2014-04-18 02:13 . 2014-04-18 02:13 113664 ----a-w- c:\windows\SysWow64\mantle32.dll
2014-04-18 02:12 . 2014-04-18 02:12 27907584 ----a-w- c:\windows\system32\atio6axx.dll
2014-04-18 02:12 . 2014-04-18 02:12 5442048 ----a-w- c:\windows\system32\amdmantle64.dll
2014-04-18 01:58 . 2014-04-18 01:58 4358656 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2014-04-18 01:51 . 2014-04-18 01:51 23409152 ----a-w- c:\windows\SysWow64\atioglxx.dll
2014-04-18 01:46 . 2014-04-18 01:46 368128 ----a-w- c:\windows\system32\atiapfxx.exe
2014-04-18 01:46 . 2014-04-18 01:46 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2014-04-18 01:46 . 2014-04-18 01:46 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2014-04-18 01:46 . 2014-04-18 01:46 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2014-04-18 01:46 . 2014-04-18 01:46 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2014-04-18 01:46 . 2014-04-18 01:46 15716352 ----a-w- c:\windows\system32\aticaldd64.dll
2014-04-18 01:45 . 2014-04-18 01:45 91136 ----a-w- c:\windows\system32\mantleaxl64.dll
2014-04-18 01:45 . 2014-04-18 01:45 85504 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2014-04-18 01:42 . 2014-04-18 01:42 14302208 ----a-w- c:\windows\SysWow64\aticaldd.dll
2014-04-18 01:33 . 2014-04-18 01:33 48128 ----a-w- c:\windows\system32\amdmmcl6.dll
2014-04-18 01:33 . 2014-04-18 01:33 37888 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2014-04-18 01:30 . 2014-04-18 01:30 442368 ----a-w- c:\windows\system32\atidemgy.dll
2014-04-18 01:30 . 2014-04-18 01:30 31232 ----a-w- c:\windows\system32\atimuixx.dll
2014-04-18 01:29 . 2014-04-18 01:29 586240 ----a-w- c:\windows\system32\atieclxx.exe
2014-04-18 01:29 . 2014-04-18 01:29 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2014-04-18 01:28 . 2014-04-18 01:28 190976 ----a-w- c:\windows\system32\atitmm64.dll
2014-04-18 01:21 . 2014-04-18 01:21 806912 ----a-w- c:\windows\system32\coinst_14.100.dll
2014-04-18 01:09 . 2014-04-18 01:09 1177600 ----a-w- c:\windows\system32\atiadlxx.dll
2014-04-18 01:09 . 2014-04-18 01:09 848896 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2014-04-18 01:08 . 2014-04-18 01:08 95744 ----a-w- c:\windows\system32\amdave64.dll
2014-04-18 01:08 . 2014-04-18 01:08 90112 ----a-w- c:\windows\SysWow64\amdave32.dll
2014-04-18 01:08 . 2014-04-18 01:08 89088 ----a-w- c:\windows\system32\atisamu64.dll
2014-04-18 01:08 . 2014-04-18 01:08 80896 ----a-w- c:\windows\SysWow64\atisamu32.dll
2014-04-18 01:07 . 2014-04-18 01:07 75264 ----a-w- c:\windows\system32\atig6pxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 69632 ----a-w- c:\windows\system32\atiglpxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 146944 ----a-w- c:\windows\system32\atig6txx.dll
2014-04-18 01:07 . 2014-04-18 01:07 133632 ----a-w- c:\windows\SysWow64\atigktxx.dll
2014-04-18 01:07 . 2014-04-18 01:07 638976 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2014-04-18 01:04 . 2014-04-18 01:04 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2014-04-17 20:33 . 2014-04-17 20:33 51200 ----a-w- c:\windows\system32\kdbsdk64.dll
2014-04-17 20:28 . 2014-04-17 20:28 38912 ----a-w- c:\windows\SysWow64\kdbsdk32.dll
2014-04-12 02:22 . 2014-05-15 15:13 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-15 15:13 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-15 15:13 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 15:13 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 15:13 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 15:13 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 15:13 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 15:13 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 15:13 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-17 767200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;c:\windows\system32\DRIVERS\HSPADataCardusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbmdm.sys [x]
R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;c:\windows\system32\DRIVERS\HSPADataCardusbnmea.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbnmea.sys [x]
R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;c:\windows\system32\DRIVERS\HSPADataCardusbser.sys;c:\windows\SYSNATIVE\DRIVERS\HSPADataCardusbser.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 Ser2at;ATEN USB to Serial port driver;c:\windows\system32\DRIVERS\ser2at64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2at64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 usbser64;Neato Robotics USB Driver;c:\windows\system32\DRIVERS\usbser.sys;c:\windows\SYSNATIVE\DRIVERS\usbser.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys;c:\windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-25 19:41 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-23 08:03]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25 19:41]
.
2014-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-25 19:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-02 11545192]
"Launch LGDCore"="c:\program files\Common Files\Logitech\G-series Software\LGDCore.exe" [2006-07-23 1783296]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-05 20:44:49 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-07-05 18:44
.
Vor Suchlauf: 11 Verzeichnis(se), 717.344.870.400 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 717.056.417.792 Bytes frei
.
- - End Of File - - DC413FA0E541E4FA15491BC4266F1513
A36C5E4F47E84449FF07ED3517B43A31
Gruß |
|
06.07.2014, 11:42
| #4 |
| /// the machine /// TB-Ausbilder | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.07.2014, 11:58
| #5 |
| | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Hallo, hier die Logs: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 06.07.2014 Suchlauf-Zeit: 12:01:17 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.06.03 Rootkit Datenbank: v2014.07.03.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Infar Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 284164 Verstrichene Zeit: 5 Min, 46 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 06/07/2014 um 11:28:36
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Infar - ASUSI5
# Gestartet von : C:\Users\Infar\Desktop\adwcleaner_3.214.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1024 octets] - [06/07/2014 11:25:11]
AdwCleaner[S0].txt - [947 octets] - [06/07/2014 11:28:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1006 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Infar on 06.07.2014 at 11:30:22,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Infar\AppData\Roaming\mozilla\firefox\profiles\cmjaxt5e.default\minidumps [90 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.07.2014 at 11:34:04,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Infar (administrator) on ASUSI5 on 06-07-2014 11:34:45
Running from C:\Users\Infar\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [1783296 2006-07-23] (Logitech Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEBFBA7B13BE9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08]
FF Extension: Ghostery - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: NoScript - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-25]
FF Extension: Adblock Plus - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (YouTube) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25]
CHR Extension: (Google-Suche) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25]
CHR Extension: (Google Wallet) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-06-25]
CHR Extension: (Google Mail) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-29]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-14] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-20] (DT Soft Ltd)
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) [File not signed]
S3 usbser64; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-06 11:34 - 2014-07-06 11:34 - 00010012 _____ () C:\Users\Infar\Desktop\FRST.txt
2014-07-06 11:34 - 2014-07-06 11:34 - 00000757 _____ () C:\Users\Infar\Desktop\JRT.txt
2014-07-06 11:29 - 2014-07-06 11:29 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000056 _____ () C:\Windows\setupact.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-06 11:28 - 2014-07-06 11:28 - 00001086 _____ () C:\Users\Infar\Desktop\AdwCleaner[S0].txt
2014-07-06 11:25 - 2014-07-06 11:34 - 00000000 ____D () C:\AdwCleaner
2014-07-06 11:25 - 2014-07-06 11:25 - 00001024 _____ () C:\Users\Infar\Desktop\AdwCleaner[R0].txt
2014-07-06 11:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-06 11:24 - 2014-07-06 11:24 - 01346519 _____ () C:\Users\Infar\Desktop\adwcleaner_3.214.exe
2014-07-06 11:24 - 2014-07-06 11:24 - 01016261 _____ (Thisisu) C:\Users\Infar\Desktop\JRT.exe
2014-07-05 20:44 - 2014-07-05 20:44 - 00017388 _____ () C:\ComboFix.txt
2014-07-05 20:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-05 20:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-05 20:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-05 20:19 - 2014-07-05 20:44 - 00000000 ____D () C:\Qoobox
2014-07-05 19:38 - 2014-07-06 11:34 - 00000000 ____D () C:\FRST
2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe
2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable
2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser
2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios
2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url
2014-06-25 21:42 - 2014-07-05 19:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-25 21:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-25 21:41 - 2014-07-06 11:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-25 21:41 - 2014-07-06 10:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 21:41 - 2014-06-26 02:46 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 21:41 - 2014-06-26 02:46 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-25 21:41 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google
2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-25 20:25 - 2014-06-25 20:30 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa
2014-06-17 11:58 - 2014-06-25 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-06-17 11:54 - 2014-06-25 21:35 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation
2014-06-17 11:44 - 2014-06-25 21:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-06-12 09:13 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 09:13 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 09:13 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 09:13 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 09:13 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 09:13 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 09:13 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 09:13 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 09:13 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 09:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 09:13 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 09:13 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 09:13 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 09:13 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 09:13 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 09:13 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 09:13 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 09:13 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 09:13 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 09:13 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 09:13 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 09:13 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 09:13 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 09:13 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 09:13 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 09:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 09:13 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 09:13 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 09:13 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 09:13 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 09:13 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 09:13 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 09:13 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 09:13 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 09:13 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 09:13 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 09:13 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 09:13 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 09:13 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 09:13 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 09:13 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 09:13 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 09:13 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 09:13 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 09:13 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 09:13 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 09:13 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 09:13 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 09:13 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 09:13 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 09:13 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 09:13 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 09:13 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 09:13 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 09:13 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 09:13 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 09:13 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 09:13 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 09:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 09:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 09:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 09:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-09 14:55 - 2014-07-05 19:48 - 00074978 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt
2014-06-08 12:54 - 2014-06-02 20:03 - 00000000 ____D () C:\Users\Infar\Downloads\Watch.Dogs.DLC.Unlocker-RELOADED
2014-06-08 12:54 - 2014-05-26 23:30 - 00000000 ____D () C:\Users\Infar\Downloads\Watch.Dogs.Hotfix-RELOADED
2014-06-08 12:32 - 2014-05-26 16:27 - 00000000 ____D () C:\Users\Infar\Downloads\Watch.Dogs-RELOADED
2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast
==================== One Month Modified Files and Folders =======
2014-07-06 11:35 - 2014-07-06 11:34 - 00010012 _____ () C:\Users\Infar\Desktop\FRST.txt
2014-07-06 11:34 - 2014-07-06 11:34 - 00000757 _____ () C:\Users\Infar\Desktop\JRT.txt
2014-07-06 11:34 - 2014-07-06 11:25 - 00000000 ____D () C:\AdwCleaner
2014-07-06 11:34 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST
2014-07-06 11:29 - 2014-07-06 11:29 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000056 _____ () C:\Windows\setupact.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-06 11:29 - 2014-06-25 21:41 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 11:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 11:28 - 2014-07-06 11:28 - 00001086 _____ () C:\Users\Infar\Desktop\AdwCleaner[S0].txt
2014-07-06 11:28 - 2012-05-08 21:01 - 01732302 _____ () C:\Windows\WindowsUpdate.log
2014-07-06 11:25 - 2014-07-06 11:25 - 00001024 _____ () C:\Users\Infar\Desktop\AdwCleaner[R0].txt
2014-07-06 11:24 - 2014-07-06 11:24 - 01346519 _____ () C:\Users\Infar\Desktop\adwcleaner_3.214.exe
2014-07-06 11:24 - 2014-07-06 11:24 - 01016261 _____ (Thisisu) C:\Users\Infar\Desktop\JRT.exe
2014-07-06 11:24 - 2012-10-10 18:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-06 10:55 - 2013-09-12 17:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 10:51 - 2014-06-25 21:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 09:07 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-06 09:07 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 00:25 - 2011-07-14 15:03 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\TS3Client
2014-07-05 20:44 - 2014-07-05 20:44 - 00017388 _____ () C:\ComboFix.txt
2014-07-05 20:44 - 2014-07-05 20:19 - 00000000 ____D () C:\Qoobox
2014-07-05 20:40 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-05 20:39 - 2009-07-14 04:34 - 68157440 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 24903680 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-05 20:38 - 2011-05-17 15:50 - 00000000 ____D () C:\Windows\ERDNT
2014-07-05 19:48 - 2014-06-09 14:55 - 00074978 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt
2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe
2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable
2014-07-05 19:36 - 2011-01-20 19:03 - 00000000 ____D () C:\Users\Infar
2014-07-05 19:30 - 2014-06-25 21:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 17:15 - 2011-01-21 19:21 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E32FF8B6-3DA1-40CE-9FEC-BE9BD0085B0F}
2014-07-03 17:59 - 2012-09-18 18:31 - 00000000 ____D () C:\ProgramData\Origin
2014-07-03 17:41 - 2013-03-06 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-03 17:02 - 2012-10-28 11:57 - 00000000 ____D () C:\Users\Infar\AppData\Local\Canon Easy-PhotoPrint EX
2014-07-03 17:02 - 2012-10-28 11:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-03 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser
2014-07-02 20:21 - 2012-08-07 21:49 - 00000000 ____D () C:\Users\Infar\AppData\Local\CrashDumps
2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios
2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-07-01 19:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-01 19:13 - 2013-03-06 16:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url
2014-07-01 19:02 - 2012-10-10 18:35 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-30 17:51 - 2014-05-25 13:26 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Tropico 5
2014-06-29 13:43 - 2011-07-14 15:00 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 11:40 - 2012-12-13 17:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\vlc
2014-06-26 02:46 - 2014-06-25 21:41 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 02:46 - 2014-06-25 21:41 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-06-25 21:41 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google
2014-06-25 21:42 - 2012-01-15 19:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-25 21:42 - 2011-05-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-25 21:42 - 2011-05-15 19:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Malwarebytes
2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-25 21:41 - 2011-05-22 09:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-25 21:35 - 2014-06-17 11:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-06-25 21:35 - 2014-06-17 11:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-06-25 21:33 - 2014-06-17 11:44 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-25 21:32 - 2012-04-23 21:28 - 00000000 ____D () C:\Windows\pss
2014-06-25 21:10 - 2014-04-22 16:23 - 00000000 ____D () C:\Users\Infar\Desktop\qp33
2014-06-25 20:30 - 2014-06-25 20:25 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa
2014-06-17 12:03 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-06-17 12:03 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-06-17 12:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation
2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-06-16 10:03 - 2013-09-12 17:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 10:03 - 2012-12-23 13:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 10:03 - 2012-12-23 13:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 00:44 - 2013-11-05 19:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-14 00:06 - 2013-04-27 13:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-14 00:06 - 2011-10-29 14:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-12 22:50 - 2013-04-10 17:44 - 00000000 ____D () C:\Users\Infar\Downloads\A_Brazzers
2014-06-12 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 13:13 - 2011-01-20 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 11:56 - 2013-08-14 20:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 11:55 - 2011-02-25 21:45 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 11:53 - 2014-04-30 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 09:08 - 2011-11-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbirt
2014-06-08 20:04 - 2013-12-24 18:23 - 00000000 ____D () C:\Users\Infar\Downloads\A_Ember_1.3.0.18
2014-06-08 19:59 - 2013-06-09 09:49 - 00000000 ____D () C:\Users\Infar\Downloads\A_Filme
2014-06-08 11:13 - 2014-06-12 09:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 09:44 - 2011-01-21 19:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast
2014-06-07 09:36 - 2013-10-25 21:11 - 00000000 ____D () C:\Users\Infar\AppData\Local\Battle.net
2014-06-07 09:30 - 2013-10-25 21:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Users\Infar\AppData\Local\NCSOFT
2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Program Files (x86)\NCSOFT
Some content of TEMP:
====================
C:\Users\Infar\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-29 18:15
==================== End Of Log ============================
Gruß |
|
06.07.2014, 17:45
| #6 |
| /// the machine /// TB-Ausbilder | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ --> Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. |
|
06.07.2014, 21:16
| #7 |
| | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Hallo, SecurityCheck geht scheinbar mit win7 nicht ? Code:
ATTFilter UNSUPPORTED OPERATING SYSTEM! ABORTED!
ESET Online Scanner hat nichts gefunden. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=8ca18e85709d3746b1fdd24cb6f9ea0f
# engine=19046
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-06 07:17:21
# local_time=2014-07-06 09:17:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 30843 156304091 0 0
# scanned=206541
# found=0
# cleaned=0
# scan_time=5312
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Infar (administrator) on ASUSI5 on 06-07-2014 22:15:38
Running from C:\Users\Infar\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [1783296 2006-07-23] (Logitech Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEBFBA7B13BE9CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08]
FF Extension: Ghostery - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: NoScript - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-25]
FF Extension: Adblock Plus - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon
Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (YouTube) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25]
CHR Extension: (Google-Suche) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25]
CHR Extension: (Google Wallet) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-06-25]
CHR Extension: (Google Mail) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]
CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-29]
==================== Services (Whitelisted) =================
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-14] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-20] (DT Soft Ltd)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) [File not signed]
S3 usbser64; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X]
S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X]
S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-06 22:15 - 2014-07-06 22:15 - 00010614 _____ () C:\Users\Infar\Desktop\FRST.txt
2014-07-06 22:13 - 2014-07-06 22:13 - 00854390 _____ () C:\Users\Infar\Downloads\SecurityCheck.exe
2014-07-06 19:46 - 2014-07-06 19:46 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-06 19:45 - 2014-07-06 19:45 - 02347384 _____ (ESET) C:\Users\Infar\Downloads\esetsmartinstaller_deu.exe
2014-07-06 12:44 - 2014-07-06 12:44 - 00001153 _____ () C:\Users\Infar\Desktop\mbam.txt
2014-07-06 12:09 - 2014-07-06 12:09 - 00000000 ____D () C:\ProgramData\Protexis
2014-07-06 12:08 - 2014-07-06 21:08 - 00000080 __RSH () C:\Windows\SysWOW64\25C99808B5.dll
2014-07-06 12:08 - 2014-07-06 12:08 - 00002811 _____ () C:\Users\Public\Desktop\AutoClicker.exe.lnk
2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark Software
2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Macrovision
2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\Program Files (x86)\Shark Software
2014-07-06 11:29 - 2014-07-06 12:59 - 00000112 _____ () C:\Windows\setupact.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-06 11:25 - 2014-07-06 12:54 - 00000000 ____D () C:\AdwCleaner
2014-07-06 11:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-05 20:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-05 20:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-05 20:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-05 20:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-05 20:19 - 2014-07-05 20:44 - 00000000 ____D () C:\Qoobox
2014-07-05 19:38 - 2014-07-06 22:15 - 00000000 ____D () C:\FRST
2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe
2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable
2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser
2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios
2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url
2014-06-25 21:42 - 2014-07-06 16:58 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-25 21:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-25 21:41 - 2014-07-06 21:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-25 21:41 - 2014-07-06 11:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-25 21:41 - 2014-06-26 02:46 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 21:41 - 2014-06-26 02:46 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-25 21:41 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google
2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-25 20:25 - 2014-06-25 20:30 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa
2014-06-17 11:58 - 2014-06-25 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-06-17 11:54 - 2014-06-25 21:35 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation
2014-06-17 11:44 - 2014-06-25 21:33 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-06-12 09:13 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 09:13 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 09:13 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 09:13 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 09:13 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 09:13 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 09:13 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 09:13 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 09:13 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 09:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 09:13 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 09:13 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 09:13 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 09:13 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 09:13 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 09:13 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 09:13 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 09:13 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 09:13 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 09:13 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 09:13 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 09:13 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 09:13 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 09:13 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 09:13 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 09:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 09:13 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 09:13 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 09:13 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 09:13 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 09:13 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 09:13 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 09:13 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 09:13 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 09:13 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 09:13 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 09:13 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 09:13 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 09:13 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 09:13 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 09:13 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 09:13 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 09:13 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 09:13 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 09:13 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 09:13 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 09:13 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 09:13 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 09:13 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 09:13 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 09:13 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 09:13 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 09:13 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 09:13 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 09:13 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 09:13 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 09:13 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 09:13 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 09:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 09:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 09:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 09:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-09 14:55 - 2014-07-05 19:48 - 00074978 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt
2014-06-08 12:54 - 2014-06-02 20:03 - 00000000 ____D () C:\Users\Infar\Downloads\Watch.Dogs.DLC.Unlocker-RELOADED
2014-06-08 12:54 - 2014-05-26 23:30 - 00000000 ____D () C:\Users\Infar\Downloads\Watch.Dogs.Hotfix-RELOADED
2014-06-08 12:32 - 2014-05-26 16:27 - 00000000 ____D () C:\Users\Infar\Downloads\Watch.Dogs-RELOADED
2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast
==================== One Month Modified Files and Folders =======
2014-07-06 22:15 - 2014-07-06 22:15 - 00010614 _____ () C:\Users\Infar\Desktop\FRST.txt
2014-07-06 22:15 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST
2014-07-06 22:13 - 2014-07-06 22:13 - 00854390 _____ () C:\Users\Infar\Downloads\SecurityCheck.exe
2014-07-06 21:55 - 2013-09-12 17:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 21:51 - 2014-06-25 21:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 21:08 - 2014-07-06 12:08 - 00000080 __RSH () C:\Windows\SysWOW64\25C99808B5.dll
2014-07-06 20:32 - 2011-07-14 15:03 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\TS3Client
2014-07-06 20:26 - 2012-10-10 18:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-06 19:46 - 2014-07-06 19:46 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-06 19:45 - 2014-07-06 19:45 - 02347384 _____ (ESET) C:\Users\Infar\Downloads\esetsmartinstaller_deu.exe
2014-07-06 17:56 - 2011-01-21 19:21 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E32FF8B6-3DA1-40CE-9FEC-BE9BD0085B0F}
2014-07-06 17:16 - 2012-05-08 21:01 - 01760569 _____ () C:\Windows\WindowsUpdate.log
2014-07-06 16:58 - 2014-06-25 21:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-06 12:59 - 2014-07-06 11:29 - 00000112 _____ () C:\Windows\setupact.log
2014-07-06 12:54 - 2014-07-06 11:25 - 00000000 ____D () C:\AdwCleaner
2014-07-06 12:44 - 2014-07-06 12:44 - 00001153 _____ () C:\Users\Infar\Desktop\mbam.txt
2014-07-06 12:09 - 2014-07-06 12:09 - 00000000 ____D () C:\ProgramData\Protexis
2014-07-06 12:08 - 2014-07-06 12:08 - 00002811 _____ () C:\Users\Public\Desktop\AutoClicker.exe.lnk
2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark Software
2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Macrovision
2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\Program Files (x86)\Shark Software
2014-07-06 12:02 - 2012-12-13 17:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\vlc
2014-07-06 11:36 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-06 11:36 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 11:29 - 2014-07-06 11:29 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-06 11:29 - 2014-07-06 11:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-06 11:29 - 2014-06-25 21:41 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 11:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 20:44 - 2014-07-05 20:19 - 00000000 ____D () C:\Qoobox
2014-07-05 20:40 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-05 20:39 - 2009-07-14 04:34 - 68157440 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 24903680 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-05 20:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-05 20:38 - 2011-05-17 15:50 - 00000000 ____D () C:\Windows\ERDNT
2014-07-05 19:48 - 2014-06-09 14:55 - 00074978 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt
2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe
2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable
2014-07-05 19:36 - 2011-01-20 19:03 - 00000000 ____D () C:\Users\Infar
2014-07-03 17:59 - 2012-09-18 18:31 - 00000000 ____D () C:\ProgramData\Origin
2014-07-03 17:41 - 2013-03-06 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-03 17:02 - 2012-10-28 11:57 - 00000000 ____D () C:\Users\Infar\AppData\Local\Canon Easy-PhotoPrint EX
2014-07-03 17:02 - 2012-10-28 11:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-03 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser
2014-07-02 20:21 - 2012-08-07 21:49 - 00000000 ____D () C:\Users\Infar\AppData\Local\CrashDumps
2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios
2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk
2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle
2014-07-01 19:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-01 19:13 - 2013-03-06 16:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url
2014-07-01 19:02 - 2012-10-10 18:35 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-30 17:51 - 2014-05-25 13:26 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Tropico 5
2014-06-29 13:43 - 2011-07-14 15:00 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 02:46 - 2014-06-25 21:41 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-26 02:46 - 2014-06-25 21:41 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-25 21:42 - 2014-06-25 21:41 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google
2014-06-25 21:42 - 2012-01-15 19:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-25 21:42 - 2011-05-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-25 21:42 - 2011-05-15 19:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Malwarebytes
2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-25 21:41 - 2011-05-22 09:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-25 21:35 - 2014-06-17 11:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation
2014-06-25 21:35 - 2014-06-17 11:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-06-25 21:33 - 2014-06-17 11:44 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-06-25 21:32 - 2012-04-23 21:28 - 00000000 ____D () C:\Windows\pss
2014-06-25 21:10 - 2014-04-22 16:23 - 00000000 ____D () C:\Users\Infar\Desktop\qp33
2014-06-25 20:30 - 2014-06-25 20:25 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa
2014-06-17 12:03 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-06-17 12:03 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-06-17 12:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation
2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-06-16 10:03 - 2013-09-12 17:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-16 10:03 - 2012-12-23 13:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 10:03 - 2012-12-23 13:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 00:44 - 2013-11-05 19:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-06-14 00:06 - 2013-04-27 13:14 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-06-14 00:06 - 2011-10-29 14:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-12 22:50 - 2013-04-10 17:44 - 00000000 ____D () C:\Users\Infar\Downloads\A_Brazzers
2014-06-12 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-12 13:13 - 2011-01-20 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 11:56 - 2013-08-14 20:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 11:55 - 2011-02-25 21:45 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 11:53 - 2014-04-30 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 09:08 - 2011-11-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbirt
2014-06-08 20:04 - 2013-12-24 18:23 - 00000000 ____D () C:\Users\Infar\Downloads\A_Ember_1.3.0.18
2014-06-08 19:59 - 2013-06-09 09:49 - 00000000 ____D () C:\Users\Infar\Downloads\A_Filme
2014-06-08 11:13 - 2014-06-12 09:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 09:44 - 2011-01-21 19:35 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-06-07 10:24 - 2014-06-07 10:24 - 00000000 ____D () C:\Users\Infar\Documents\Wizards of the Coast
2014-06-07 09:36 - 2013-10-25 21:11 - 00000000 ____D () C:\Users\Infar\AppData\Local\Battle.net
2014-06-07 09:30 - 2013-10-25 21:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Users\Infar\AppData\Local\NCSOFT
2014-06-07 08:57 - 2014-03-21 18:39 - 00000000 ____D () C:\Program Files (x86)\NCSOFT
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-29 18:15
==================== End Of Log ============================
Browserproblem ist noch vorhanden. Evtl. ist hier aber gar kein Schädling das Problem Gruß |
|
07.07.2014, 14:12
| #8 |
| /// the machine /// TB-Ausbilder | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Securitycheck ignorieren, das is ne olle Zimzicke Welche Browser genau? Welche Seiten genau? Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.07.2014, 14:49
| #9 |
| | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Hallo, ich kann das Probleme vor allem bei Google erkennen. Es wird scheinbar nicht weiter geladen. Bei Bildersuche ist z.B die hälfte der Ergebnisse nicht darstellbar und mit google Maps kann ich gar nicht mehr arbeiten. Bei Facebook werden nicht alle Einträge geladen und bei Youtube habe ich Probleme beim abspielen. Browser sind alle betroffen. Firefox, Chrome und IE. Auf anderen Internetseiten scheinbar keine Probleme Code:
ATTFilter MiniToolBox by Farbar Version: 06-07-2014
Ran by Infar (administrator) on 07-07-2014 at 15:41:03
Running from "C:\Users\Infar\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"network.proxy.type", 0
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Realtek PCIe GBE Family Controller = LAN-Verbindung (Connected)
TeamViewer VPN Adapter = LAN-Verbindung 2 (Media disconnected)
# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
add route prefix=169.254.0.0/16 interface="iftype0_0" nexthop=192.168.1.2 metric=1 publish=Ja
popd
# Ende der IPv4-Konfiguration
Windows-IP-Konfiguration
Hostname . . . . . . . . . . . . : ASUSi5
Prim�res DNS-Suffix . . . . . . . :
Knotentyp . . . . . . . . . . . . : Hybrid
IP-Routing aktiviert . . . . . . : Nein
WINS-Proxy aktiviert . . . . . . : Nein
DNS-Suffixsuchliste . . . . . . . : fritz.box
Ethernet-Adapter LAN-Verbindung 2:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : TeamViewer VPN Adapter
Physikalische Adresse . . . . . . : 00-FF-3D-A3-7E-EB
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
Ethernet-Adapter LAN-Verbindung:
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physikalische Adresse . . . . . . : BC-AE-C5-AB-10-EA
DHCP aktiviert. . . . . . . . . . : Ja
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2a02:2028:12c:ca1:e928:7bdc:7118:e15c(Bevorzugt)
Tempor�re IPv6-Adresse. . . . . . : 2a02:2028:12c:ca1:49f6:c2dc:658d:3c4b(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::e928:7bdc:7118:e15c%10(Bevorzugt)
IPv4-Adresse . . . . . . . . . . : 192.168.178.22(Bevorzugt)
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Lease erhalten. . . . . . . . . . : Montag, 7. Juli 2014 15:36:45
Lease l�uft ab. . . . . . . . . . : Donnerstag, 17. Juli 2014 15:36:44
Standardgateway . . . . . . . . . : fe80::9ec7:a6ff:fe06:f71%10
192.168.178.1
DHCP-Server . . . . . . . . . . . : 192.168.178.1
DHCPv6-IAID . . . . . . . . . . . : 247246533
DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-CA-25-82-BC-AE-C5-AB-10-EA
DNS-Server . . . . . . . . . . . : fd00::9ec7:a6ff:fe06:f71
192.168.178.1
NetBIOS �ber TCP/IP . . . . . . . : Aktiviert
Tunneladapter Teredo Tunneling Pseudo-Interface:
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fb:4e:2de2:3f57:4de9(Bevorzugt)
Verbindungslokale IPv6-Adresse . : fe80::4e:2de2:3f57:4de9%13(Bevorzugt)
Standardgateway . . . . . . . . . :
NetBIOS �ber TCP/IP . . . . . . . : Deaktiviert
Tunneladapter isatap.fritz.box:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix: fritz.box
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Tunneladapter isatap.{3DA37EEB-7998-44E2-849B-D138A8A0CBB7}:
Medienstatus. . . . . . . . . . . : Medium getrennt
Verbindungsspezifisches DNS-Suffix:
Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktiviert. . . . . . . . . . : Nein
Autokonfiguration aktiviert . . . : Ja
Server: fritz.box
Address: fd00::9ec7:a6ff:fe06:f71
Name: google.com
Addresses: 2a00:1450:4005:808::1006
173.194.113.131
173.194.113.135
173.194.113.136
173.194.113.133
173.194.113.137
173.194.113.142
173.194.113.129
173.194.113.130
173.194.113.128
173.194.113.132
173.194.113.134
Ping wird ausgef�hrt f�r google.com [2a00:1450:4005:808::1006] mit 32 Bytes Daten:
Zeit�berschreitung der Anforderung.
Antwort von 2a00:1450:4005:808::1006: Zeit=3ms
Ping-Statistik f�r 2a00:1450:4005:808::1006:
Pakete: Gesendet = 2, Empfangen = 1, Verloren = 1
(50% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 3ms, Maximum = 3ms, Mittelwert = 3ms
Server: fritz.box
Address: fd00::9ec7:a6ff:fe06:f71
Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109
Ping wird ausgef�hrt f�r yahoo.com [98.139.183.24] mit 32 Bytes Daten:
Antwort von 98.139.183.24: Bytes=32 Zeit=118ms TTL=52
Antwort von 98.139.183.24: Bytes=32 Zeit=115ms TTL=52
Ping-Statistik f�r 98.139.183.24:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 115ms, Maximum = 118ms, Mittelwert = 116ms
Ping wird ausgef�hrt f�r 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Ping-Statistik f�r 127.0.0.1:
Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
(0% Verlust),
Ca. Zeitangaben in Millisek.:
Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
17...00 ff 3d a3 7e eb ......TeamViewer VPN Adapter
10...bc ae c5 ab 10 ea ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
18...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
===========================================================================
IPv4-Routentabelle
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik
0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.22 20
127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306
127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306
127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
169.254.0.0 255.255.0.0 Auf Verbindung 192.168.178.22 306
169.254.255.255 255.255.255.255 Auf Verbindung 192.168.178.22 276
192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.22 276
192.168.178.22 255.255.255.255 Auf Verbindung 192.168.178.22 276
192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.22 276
224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306
224.0.0.0 240.0.0.0 Auf Verbindung 192.168.178.22 276
255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306
255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.22 276
===========================================================================
St�ndige Routen:
Netzwerkadresse Netzmaske Gatewayadresse Metrik
169.254.0.0 255.255.0.0 192.168.1.2 1
===========================================================================
IPv6-Routentabelle
===========================================================================
Aktive Routen:
If Metrik Netzwerkziel Gateway
10 36 ::/0 fe80::9ec7:a6ff:fe06:f71
1 306 ::1/128 Auf Verbindung
13 58 2001::/32 Auf Verbindung
13 306 2001:0:5ef5:79fb:4e:2de2:3f57:4de9/128
Auf Verbindung
10 28 2a02:2028:12c:ca1::/64 Auf Verbindung
10 36 2a02:2028:12c:ca1::/64 fe80::9ec7:a6ff:fe06:f71
10 276 2a02:2028:12c:ca1:49f6:c2dc:658d:3c4b/128
Auf Verbindung
10 276 2a02:2028:12c:ca1:e928:7bdc:7118:e15c/128
Auf Verbindung
10 276 fe80::/64 Auf Verbindung
13 306 fe80::/64 Auf Verbindung
13 306 fe80::4e:2de2:3f57:4de9/128
Auf Verbindung
10 276 fe80::e928:7bdc:7118:e15c/128
Auf Verbindung
1 306 ff00::/8 Auf Verbindung
13 306 ff00::/8 Auf Verbindung
10 276 ff00::/8 Auf Verbindung
===========================================================================
St�ndige Routen:
Keine
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (07/06/2014 10:12:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/06/2014 09:50:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/06/2014 07:46:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/06/2014 07:46:15 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (07/06/2014 00:59:50 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (07/06/2014 10:12:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (07/06/2014 09:50:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (07/06/2014 07:46:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Infar\Downloads\esetsmartinstaller_deu.exe
Error: (07/06/2014 07:46:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Infar\Downloads\esetsmartinstaller_deu.exe
CodeIntegrity Errors:
===================================
Date: 2014-07-05 20:38:14.022
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-07-05 20:38:13.913
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-05-17 15:54:55.671
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cofi\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2011-05-17 15:54:55.656
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\cofi\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
=========================== Installed Programs ============================
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Auto Clicker - Image Recognizer (HKLM-x32\...\{C6B51FD8-942C-45FE-9704-19B687372691}) (Version: 3.0 - Shark Software)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Banished v1.0.0 64-bit (HKLM\...\{72C32B02-0B78-45F8-8528-2C93F62A7B47}) (Version: 1.0.0 - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0611.1251.21046 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.02 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FlashFXP (x32 Version: 4.3.0.1904 - OpenSight Software LLC) Hidden
FlashFXP 4.3.0.1904 (HKLM-x32\...\FlashFXP 4.3.0.1904) (Version: 4.3.0.1904 - OpenSight Software LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader (HKLM-x32\...\JDownloader) (Version: - AppWork UG (haftungsbeschränkt))
Logitech G11 Keyboard Software 1.03 (HKLM\...\{59427B1F-852F-4AF1-8215-E5B12F966D89}) (Version: 1.3.166.0 - Logitech)
Logitech Harmony Remote Software (x86) (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
marvell 91xx console driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Install Application (Version: 2.1002.62.312 - NVIDIA Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6235 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 1.9 - Krzysztof Kowalczyk)
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Tropico 5 - Steam Special Edition (HKLM-x32\...\{96C8FF19-C95E-44A7-A238-95692578538F}_is1) (Version: 1.1.0 - Kalypso)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
Gruß Geändert von Infar (07.07.2014 um 15:06 Uhr) |
|
08.07.2014, 09:31
| #10 |
| /// the machine /// TB-Ausbilder | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Trenn mal den Router 30 min vom Strom, und deaktiviere dann IPv6 auf dem Rechner.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.07.2014, 17:04
| #11 |
| | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Hi, es scheint funktioniert zu haben und mein System ist nun auch wieder sauber. Stehe wiedermal tief in deiner Schuld. Vielen Dank  Gruß |
|
09.07.2014, 13:08
| #12 |
| /// the machine /// TB-Ausbilder | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Poste zum Abschluss bitte nochmal ein frisches FRST log
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2014, 17:49
| #13 |
| | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. ok, hier noch einmal FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Infar (administrator) on ASUSI5 on 09-07-2014 18:46:55 Running from C:\Users\Infar\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbirt\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor) HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe [1783296 2006-07-23] (Logitech Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAF43A178EC99CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default FF Homepage: about:home FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: German Dictionary - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-08] FF Extension: Ghostery - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\firefox@ghostery.com.xpi [2013-08-03] FF Extension: NoScript - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-05-25] FF Extension: Adblock Plus - C:\Users\Infar\AppData\Roaming\Mozilla\Firefox\Profiles\cmjaxt5e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-21] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\congstar\Internet-Manager\Bin\addon Chrome: ======= CHR HomePage: CHR Extension: (Google Docs) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25] CHR Extension: (Google Drive) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25] CHR Extension: (YouTube) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-25] CHR Extension: (Google-Suche) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-25] CHR Extension: (Google Wallet) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-25] CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2014-06-25] CHR Extension: (Google Mail) - C:\Users\Infar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25] CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2012-12-29] ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [52896 2010-10-27] (Atheros Commnucations) [File not signed] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-14] () ==================== Drivers (Whitelisted) ==================== R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-05-20] (DT Soft Ltd) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-09] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 Ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [90112 2007-06-08] (Prolific Technology Inc.) [File not signed] S3 usbser64; C:\Windows\System32\DRIVERS\usbser.sys [33280 2013-08-29] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 HSPADataCardusbmdm; system32\DRIVERS\HSPADataCardusbmdm.sys [X] S3 HSPADataCardusbnmea; system32\DRIVERS\HSPADataCardusbnmea.sys [X] S3 HSPADataCardusbser; system32\DRIVERS\HSPADataCardusbser.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S4 NVHDA; system32\drivers\nvhda64v.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-08 18:18 - 2014-07-08 18:18 - 143880056 _____ () C:\Users\Infar\Downloads\avira_free_antivirus_de_464.exe 2014-07-07 16:05 - 2014-07-07 16:05 - 00000000 __SHD () C:\Users\Infar\AppData\Local\EmieUserList 2014-07-07 16:05 - 2014-07-07 16:05 - 00000000 __SHD () C:\Users\Infar\AppData\Local\EmieSiteList 2014-07-07 15:41 - 2014-07-07 15:41 - 00034970 _____ () C:\Users\Infar\Desktop\Result.txt 2014-07-07 15:39 - 2014-07-07 15:39 - 00401920 _____ (Farbar) C:\Users\Infar\Desktop\MiniToolBox.exe 2014-07-06 22:15 - 2014-07-09 18:46 - 00011205 _____ () C:\Users\Infar\Desktop\FRST.txt 2014-07-06 22:13 - 2014-07-06 22:13 - 00854390 _____ () C:\Users\Infar\Downloads\SecurityCheck.exe 2014-07-06 19:46 - 2014-07-06 19:46 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-06 19:45 - 2014-07-06 19:45 - 02347384 _____ (ESET) C:\Users\Infar\Downloads\esetsmartinstaller_deu.exe 2014-07-06 12:44 - 2014-07-06 12:44 - 00001153 _____ () C:\Users\Infar\Desktop\mbam.txt 2014-07-06 12:09 - 2014-07-06 12:09 - 00000000 ____D () C:\ProgramData\Protexis 2014-07-06 12:08 - 2014-07-06 21:08 - 00000080 __RSH () C:\Windows\SysWOW64\25C99808B5.dll 2014-07-06 12:08 - 2014-07-06 12:08 - 00002811 _____ () C:\Users\Public\Desktop\AutoClicker.exe.lnk 2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark Software 2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Macrovision 2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\Program Files (x86)\Shark Software 2014-07-06 11:29 - 2014-07-09 18:40 - 00000336 _____ () C:\Windows\setupact.log 2014-07-06 11:29 - 2014-07-06 11:29 - 00000310 _____ () C:\Windows\PFRO.log 2014-07-06 11:29 - 2014-07-06 11:29 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-06 11:25 - 2014-07-06 12:54 - 00000000 ____D () C:\AdwCleaner 2014-07-06 11:25 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-05 20:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-05 20:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-05 20:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-05 20:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-05 20:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-05 20:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-05 20:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-05 20:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-05 20:19 - 2014-07-05 20:44 - 00000000 ____D () C:\Qoobox 2014-07-05 19:38 - 2014-07-09 18:46 - 00000000 ____D () C:\FRST 2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable 2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios 2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk 2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle 2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url 2014-06-25 21:42 - 2014-07-09 18:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-25 21:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-25 21:41 - 2014-07-09 18:40 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-25 21:41 - 2014-07-08 21:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-25 21:41 - 2014-06-26 02:46 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-25 21:41 - 2014-06-26 02:46 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-25 21:41 - 2014-06-25 21:42 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google 2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-25 20:25 - 2014-06-25 20:30 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa 2014-06-17 11:58 - 2014-06-25 21:35 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-06-17 11:54 - 2014-06-25 21:35 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation 2014-06-17 11:44 - 2014-06-25 21:33 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url 2014-06-12 09:13 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 09:13 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-12 09:13 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 09:13 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 09:13 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 09:13 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 09:13 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 09:13 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 09:13 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 09:13 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 09:13 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 09:13 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 09:13 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 09:13 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 09:13 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 09:13 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 09:13 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 09:13 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 09:13 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 09:13 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 09:13 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 09:13 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 09:13 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 09:13 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 09:13 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 09:13 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 09:13 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 09:13 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 09:13 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 09:13 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 09:13 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 09:13 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 09:13 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 09:13 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 09:13 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 09:13 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 09:13 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 09:13 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 09:13 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 09:13 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 09:13 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 09:13 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 09:13 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 09:13 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 09:13 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 09:13 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 09:13 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 09:13 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 09:13 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 09:13 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 09:13 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 09:13 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 09:13 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 09:13 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 09:13 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 09:13 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 09:13 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 09:13 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 09:13 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 09:13 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 09:13 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 09:13 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 09:13 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 09:13 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-09 14:55 - 2014-07-05 19:48 - 00074978 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt ==================== One Month Modified Files and Folders ======= 2014-07-09 18:47 - 2014-07-06 22:15 - 00011205 _____ () C:\Users\Infar\Desktop\FRST.txt 2014-07-09 18:46 - 2014-07-05 19:38 - 00000000 ____D () C:\FRST 2014-07-09 18:46 - 2011-07-14 15:03 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\TS3Client 2014-07-09 18:41 - 2014-06-25 21:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 18:40 - 2014-07-06 11:29 - 00000336 _____ () C:\Windows\setupact.log 2014-07-09 18:40 - 2014-06-25 21:41 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-09 18:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-08 21:59 - 2012-05-08 21:01 - 01916193 _____ () C:\Windows\WindowsUpdate.log 2014-07-08 21:55 - 2013-09-12 17:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-08 21:55 - 2012-10-10 18:29 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-08 21:51 - 2014-06-25 21:41 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-08 19:19 - 2011-01-21 19:21 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E32FF8B6-3DA1-40CE-9FEC-BE9BD0085B0F} 2014-07-08 18:55 - 2013-09-12 17:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 18:55 - 2012-12-23 13:35 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 18:55 - 2012-12-23 13:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 18:18 - 2014-07-08 18:18 - 143880056 _____ () C:\Users\Infar\Downloads\avira_free_antivirus_de_464.exe 2014-07-08 18:01 - 2012-12-13 17:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\vlc 2014-07-08 16:27 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-08 16:27 - 2009-07-14 06:45 - 00013424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-07 16:07 - 2012-08-07 21:49 - 00000000 ____D () C:\Users\Infar\AppData\Local\CrashDumps 2014-07-07 16:05 - 2014-07-07 16:05 - 00000000 __SHD () C:\Users\Infar\AppData\Local\EmieUserList 2014-07-07 16:05 - 2014-07-07 16:05 - 00000000 __SHD () C:\Users\Infar\AppData\Local\EmieSiteList 2014-07-07 15:41 - 2014-07-07 15:41 - 00034970 _____ () C:\Users\Infar\Desktop\Result.txt 2014-07-07 15:39 - 2014-07-07 15:39 - 00401920 _____ (Farbar) C:\Users\Infar\Desktop\MiniToolBox.exe 2014-07-06 22:13 - 2014-07-06 22:13 - 00854390 _____ () C:\Users\Infar\Downloads\SecurityCheck.exe 2014-07-06 21:08 - 2014-07-06 12:08 - 00000080 __RSH () C:\Windows\SysWOW64\25C99808B5.dll 2014-07-06 19:46 - 2014-07-06 19:46 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-06 19:45 - 2014-07-06 19:45 - 02347384 _____ (ESET) C:\Users\Infar\Downloads\esetsmartinstaller_deu.exe 2014-07-06 12:54 - 2014-07-06 11:25 - 00000000 ____D () C:\AdwCleaner 2014-07-06 12:44 - 2014-07-06 12:44 - 00001153 _____ () C:\Users\Infar\Desktop\mbam.txt 2014-07-06 12:09 - 2014-07-06 12:09 - 00000000 ____D () C:\ProgramData\Protexis 2014-07-06 12:08 - 2014-07-06 12:08 - 00002811 _____ () C:\Users\Public\Desktop\AutoClicker.exe.lnk 2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark Software 2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\ProgramData\Macrovision 2014-07-06 12:08 - 2014-07-06 12:08 - 00000000 ____D () C:\Program Files (x86)\Shark Software 2014-07-06 11:29 - 2014-07-06 11:29 - 00000310 _____ () C:\Windows\PFRO.log 2014-07-06 11:29 - 2014-07-06 11:29 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-05 20:44 - 2014-07-05 20:19 - 00000000 ____D () C:\Qoobox 2014-07-05 20:40 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-05 20:39 - 2009-07-14 04:34 - 68157440 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-07-05 20:39 - 2009-07-14 04:34 - 24903680 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-07-05 20:39 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-07-05 20:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-07-05 20:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-07-05 20:38 - 2011-05-17 15:50 - 00000000 ____D () C:\Windows\ERDNT 2014-07-05 19:48 - 2014-06-09 14:55 - 00074978 _____ () C:\Users\Infar\Desktop\Neues Textdokument.txt 2014-07-05 19:36 - 2014-07-05 19:36 - 02084352 _____ (Farbar) C:\Users\Infar\Desktop\FRST64.exe 2014-07-05 19:36 - 2014-07-05 19:36 - 00000000 _____ () C:\Users\Infar\defogger_reenable 2014-07-05 19:36 - 2011-01-20 19:03 - 00000000 ____D () C:\Users\Infar 2014-07-03 17:59 - 2012-09-18 18:31 - 00000000 ____D () C:\ProgramData\Origin 2014-07-03 17:41 - 2013-03-06 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-07-03 17:02 - 2012-10-28 11:57 - 00000000 ____D () C:\Users\Infar\AppData\Local\Canon Easy-PhotoPrint EX 2014-07-03 17:02 - 2012-10-28 11:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-03 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-07-02 20:22 - 2014-07-02 20:22 - 00000000 ____D () C:\Users\Infar\Desktop\Tor Browser 2014-07-01 20:39 - 2014-07-01 20:39 - 00000000 ____D () C:\Users\Infar\Documents\Larian Studios 2014-07-01 19:15 - 2014-07-01 19:15 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-07-01 19:14 - 2014-07-01 19:14 - 00001189 _____ () C:\Users\Public\Desktop\Peggle.lnk 2014-07-01 19:14 - 2014-07-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peggle 2014-07-01 19:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-01 19:13 - 2013-03-06 16:36 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-07-01 19:02 - 2014-07-01 19:02 - 00000222 _____ () C:\Users\Infar\Desktop\Divinity Original Sin.url 2014-07-01 19:02 - 2012-10-10 18:35 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-30 17:51 - 2014-05-25 13:26 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Tropico 5 2014-06-29 13:43 - 2011-07-14 15:00 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-06-26 02:46 - 2014-06-25 21:41 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-26 02:46 - 2014-06-25 21:41 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-25 21:42 - 2014-06-25 21:42 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-25 21:42 - 2014-06-25 21:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-25 21:42 - 2014-06-25 21:41 - 00000000 ____D () C:\Users\Infar\AppData\Local\Google 2014-06-25 21:42 - 2012-01-15 19:45 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-25 21:42 - 2011-05-22 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-25 21:42 - 2011-05-15 19:58 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Malwarebytes 2014-06-25 21:41 - 2014-06-25 21:41 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-25 21:41 - 2011-05-22 09:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-06-25 21:35 - 2014-06-17 11:58 - 00000000 ____D () C:\Windows\System32\Tasks\Sony Corporation 2014-06-25 21:35 - 2014-06-17 11:54 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared 2014-06-25 21:33 - 2014-06-17 11:44 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-06-25 21:32 - 2012-04-23 21:28 - 00000000 ____D () C:\Windows\pss 2014-06-25 21:10 - 2014-04-22 16:23 - 00000000 ____D () C:\Users\Infar\Desktop\qp33 2014-06-25 20:30 - 2014-06-25 20:25 - 00000000 ____D () C:\Users\Infar\Desktop\Teneriffa 2014-06-17 12:03 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-06-17 12:03 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-06-17 12:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-17 11:50 - 2014-06-17 11:50 - 00000000 ____D () C:\Users\Infar\AppData\Roaming\Sony Corporation 2014-06-17 09:19 - 2014-06-17 09:19 - 00000222 _____ () C:\Users\Infar\Desktop\Infinity Wars - Animated Trading Card Game.url 2014-06-14 00:44 - 2013-11-05 19:25 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-06-14 00:06 - 2013-04-27 13:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-14 00:06 - 2011-10-29 14:42 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-14 00:06 - 2011-10-29 14:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-12 22:50 - 2013-04-10 17:44 - 00000000 ____D () C:\Users\Infar\Downloads\A_Brazzers 2014-06-12 16:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-12 13:13 - 2011-01-20 19:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 11:56 - 2013-08-14 20:40 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-12 11:55 - 2011-02-25 21:45 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 11:53 - 2014-04-30 19:45 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-12 09:08 - 2011-11-18 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbirt ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-29 18:15 ==================== End Of Log ============================ |
|
10.07.2014, 13:54
| #14 |
| /// the machine /// TB-Ausbilder | Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Diverse Browser laden auf einmal einige Internetseiten nicht mehr richtig. |
| adobe, antivirus, avira, branding, browser, canon, defender, firefox, flash player, google, helper, homepage, iexplore.exe, launch, lightning, mozilla, problem, programm, realtek, refresh, registry, scan, security, services.exe, software, svchost.exe, system, teamspeak, usb, windows |
WARNUNG an die MITLESER: 
