
Log analysis and evaluation: Telekom letter "Hacking": home network (2x tower, 2x laptop, 2x notebook)


 
10.09.2013, 16:48   #1
Goeol2
 
Telekom letter "Hacking": home network (2x tower, 2x laptop, 2x notebook)



Hello, we received a letter from Telekom saying that hacking had been carried out from our connection. I am now supposed to check all computers on the connection.

In the home network there are:
2x tower (1x Win7, 1x Win Vista)
2x laptops (2x Win7)
2x notebooks (2x Win Vista)
3x Android phones (it can't be coming from those, can it?)

I have already changed the Wi-Fi password and kicked all devices off.
I will now reconnect, one by one, the devices that you have marked as safe and cleaned.

I would therefore start with this PC, which is the Win7 tower.

Here are the PC's logs:

Defogger_disable.log:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:20 on 10/09/2013 (Sascha)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-09-2013 01
Ran by Sascha (administrator) on SASCHA-PC on 10-09-2013 17:22:35
Running from C:\Users\Sascha\Desktop\Anticheat
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Windows\system32\dmwu.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(arvato digital services llc) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NANotify.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(ASUS) C:\Program Files (x86)\ASUS\PCE-AC66 WLAN Card Utilities\WlanMgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Users\Sascha\Desktop\Anticheat\Defogger.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11842152 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
HKLM\...\Run: [Launch LgDeviceAgent] - C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] - C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2413128 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] - C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-06-11] (Logitech Inc.)
Winlogon\Notify\klogon: %SystemRoot%\System32\klogon.dll (Kaspersky Lab ZAO)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [Steam] - E:\steam\Steam.exe [1811880 2013-08-28] (Valve Corporation)
HKCU\...\Run: [AdBuck.exe] - C:\Program Files (x86)\AdBuck\AdBuck.exe
HKCU\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [35256 2013-08-22] (Overwolf)
MountPoints2: {14679d97-e302-11e1-a1d3-14dae947038b} - I:\LaunchU3.exe -a
MountPoints2: {abba61d8-c378-11e1-a9a1-806e6f6e6963} - F:\.\Bin\ASSETUP.exe
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe [1349632 2010-06-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448 2013-04-18] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [Logitech G35] - C:\Program Files (x86)\Logitech\G35\G35.exe [1811800 2010-10-05] (Logitech(c))
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)
Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sascha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} -  No File
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\7tosl5tb.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\7tosl5tb.default\searchplugins\MyStart.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\7tosl5tb.default\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
FF Extension: SQLiteManager - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\7tosl5tb.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
FF Extension: No Name - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\7tosl5tb.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\7tosl5tb.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] C:\Program Files (x86)\Iminent\webbooster@iminent.com

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [206448 2013-04-18] (Kaspersky Lab ZAO)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [221696 2012-05-02] ()
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1447728 2013-05-21] ()
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-08-22] (Overwolf Ltd)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-08-11] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-08-07] ()

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-23] (Asmedia Technology)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2013-04-18] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
R3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
R3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R3 PcaSp60; C:\Windows\SysWow64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-10 17:20 - 2013-09-10 17:20 - 00000000 _____ C:\Users\Sascha\defogger_reenable
2013-09-10 17:15 - 2013-09-10 17:21 - 00000000 ____D C:\Users\Sascha\Desktop\Anticheat
2013-09-10 17:15 - 2013-09-10 17:15 - 00050477 _____ C:\Users\Sascha\Downloads\Defogger.exe
2013-09-10 16:44 - 2013-09-10 16:44 - 00000000 _____ C:\Users\Sascha\AppData\Roaming\.NANotifyHere
2013-09-09 16:57 - 2013-09-09 16:57 - 00001973 _____ C:\Users\Public\Desktop\Overwolf.lnk
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2013-09-09 16:56 - 2013-09-09 16:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-09-09 16:50 - 2013-09-09 16:59 - 00000000 ____D C:\Users\Sascha\AppData\Local\Overwolf
2013-09-07 11:04 - 2013-09-07 11:04 - 00001903 _____ C:\Users\Sascha\Downloads\new.pwn
2013-09-05 13:46 - 2013-09-05 13:46 - 00000022 _____ C:\Windows\S.dirmngr
2013-09-02 17:43 - 2013-09-09 19:46 - 00000000 ____D C:\Users\Sascha\AppData\Local\Game Dev Tycoon - Steam
2013-08-29 14:15 - 2013-08-29 14:15 - 00012985 _____ C:\Users\Sascha\Desktop\hs_err_pid103144.log
2013-08-23 16:24 - 2013-08-23 16:25 - 12683061 _____ C:\Users\Sascha\Downloads\s0nicTzProjectv0.35FIX2PUBLICVERSIONSAMP0.3x.zip
2013-08-21 16:37 - 2013-08-21 16:37 - 02820085 _____ C:\Users\Sascha\Downloads\3.zip
2013-08-21 16:36 - 2013-08-21 16:36 - 03552174 _____ C:\Users\Sascha\Downloads\93.zip
2013-08-21 16:33 - 2013-08-21 16:33 - 05030080 _____ C:\Users\Sascha\Downloads\151.zip
2013-08-21 16:31 - 2013-08-21 16:31 - 04173578 _____ C:\Users\Sascha\Downloads\163.zip
2013-08-21 16:30 - 2013-08-21 16:31 - 05810856 _____ C:\Users\Sascha\Downloads\164.zip
2013-08-21 16:27 - 2013-08-21 16:29 - 04777814 _____ C:\Users\Sascha\Downloads\146.zip
2013-08-21 16:25 - 2013-08-21 16:25 - 04344751 _____ C:\Users\Sascha\Downloads\145.zip
2013-08-18 12:51 - 2013-08-18 12:51 - 00000000 __SHD C:\ProgramData\DSS
2013-08-18 12:45 - 2013-08-18 12:45 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-08-17 12:09 - 2013-08-17 12:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 03:03 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-16 03:03 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-16 03:03 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-16 03:03 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-16 03:03 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-16 03:03 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-16 03:03 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-16 03:03 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-16 03:03 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-16 03:03 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-16 03:03 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-16 03:03 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-16 03:03 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 03:03 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 16:15 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 16:15 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 16:15 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 16:15 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 16:15 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 16:15 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 16:15 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 16:15 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 16:15 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 16:15 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 16:15 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 16:15 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 16:15 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 16:15 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 16:15 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 16:15 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 16:15 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 16:15 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 16:15 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 16:15 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 16:15 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 16:15 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 16:15 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 16:15 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 16:15 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 16:15 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 16:15 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Users\Sascha\Documents\Arktos
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Users\Sascha\AppData\Local\CrashRpt
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Users\Sascha\AppData\Local\Arktos

==================== One Month Modified Files and Folders =======

2013-09-10 17:21 - 2013-09-10 17:15 - 00000000 ____D C:\Users\Sascha\Desktop\Anticheat
2013-09-10 17:20 - 2013-09-10 17:20 - 00000000 _____ C:\Users\Sascha\defogger_reenable
2013-09-10 17:20 - 2012-07-01 15:05 - 00000000 ____D C:\Users\Sascha
2013-09-10 17:18 - 2012-07-05 19:10 - 00000600 _____ C:\Users\Sascha\AppData\Roaming\winscp.rnd
2013-09-10 17:17 - 2009-07-14 19:58 - 00707300 _____ C:\Windows\system32\perfh007.dat
2013-09-10 17:17 - 2009-07-14 19:58 - 00152892 _____ C:\Windows\system32\perfc007.dat
2013-09-10 17:17 - 2009-07-14 07:13 - 01642148 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-10 17:15 - 2013-09-10 17:15 - 00050477 _____ C:\Users\Sascha\Downloads\Defogger.exe
2013-09-10 17:13 - 2012-07-01 15:04 - 01934816 _____ C:\Windows\WindowsUpdate.log
2013-09-10 17:09 - 2012-07-01 21:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-10 17:07 - 2012-07-01 17:53 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-09-10 16:46 - 2013-08-07 20:01 - 00004206 _____ C:\Windows\System32\Tasks\Software Updater
2013-09-10 16:46 - 2013-08-07 20:01 - 00004172 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-09-10 16:44 - 2013-09-10 16:44 - 00000000 _____ C:\Users\Sascha\AppData\Roaming\.NANotifyHere
2013-09-09 23:51 - 2012-07-05 19:11 - 00000600 _____ C:\Users\Sascha\AppData\Local\PUTTY.RND
2013-09-09 23:32 - 2013-06-13 21:28 - 00010983 _____ C:\Windows\setupact.log
2013-09-09 19:46 - 2013-09-02 17:43 - 00000000 ____D C:\Users\Sascha\AppData\Local\Game Dev Tycoon - Steam
2013-09-09 19:46 - 2012-07-01 17:39 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Dropbox
2013-09-09 16:59 - 2013-09-09 16:50 - 00000000 ____D C:\Users\Sascha\AppData\Local\Overwolf
2013-09-09 16:57 - 2013-09-09 16:57 - 00001973 _____ C:\Users\Public\Desktop\Overwolf.lnk
2013-09-09 16:57 - 2013-09-09 16:57 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2013-09-09 16:57 - 2013-09-09 16:56 - 00000000 ____D C:\Program Files (x86)\Overwolf
2013-09-09 14:45 - 2013-05-13 19:48 - 00000000 ____D C:\Users\Sascha\AppData\Local\LogMeIn Hamachi
2013-09-09 11:11 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 11:11 - 2009-07-14 06:45 - 00014640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-07 11:04 - 2013-09-07 11:04 - 00001903 _____ C:\Users\Sascha\Downloads\new.pwn
2013-09-05 13:46 - 2013-09-05 13:46 - 00000022 _____ C:\Windows\S.dirmngr
2013-09-05 13:46 - 2012-07-01 17:40 - 00000000 ___RD C:\Users\Sascha\Dropbox
2013-09-05 13:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-04 18:50 - 2013-04-15 18:50 - 00000000 ____D C:\Users\Sascha\AppData\Local\CrashDumps
2013-09-03 19:58 - 2012-12-22 22:46 - 01619106 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-08-29 14:15 - 2013-08-29 14:15 - 00012985 _____ C:\Users\Sascha\Desktop\hs_err_pid103144.log
2013-08-23 17:01 - 2013-02-04 19:58 - 00000000 ____D C:\Users\Sascha\Documents\GTA San Andreas User Files
2013-08-23 16:25 - 2013-08-23 16:24 - 12683061 _____ C:\Users\Sascha\Downloads\s0nicTzProjectv0.35FIX2PUBLICVERSIONSAMP0.3x.zip
2013-08-22 09:12 - 2012-07-01 16:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-21 16:37 - 2013-08-21 16:37 - 02820085 _____ C:\Users\Sascha\Downloads\3.zip
2013-08-21 16:36 - 2013-08-21 16:36 - 03552174 _____ C:\Users\Sascha\Downloads\93.zip
2013-08-21 16:33 - 2013-08-21 16:33 - 05030080 _____ C:\Users\Sascha\Downloads\151.zip
2013-08-21 16:31 - 2013-08-21 16:31 - 04173578 _____ C:\Users\Sascha\Downloads\163.zip
2013-08-21 16:31 - 2013-08-21 16:30 - 05810856 _____ C:\Users\Sascha\Downloads\164.zip
2013-08-21 16:29 - 2013-08-21 16:27 - 04777814 _____ C:\Users\Sascha\Downloads\146.zip
2013-08-21 16:25 - 2013-08-21 16:25 - 04344751 _____ C:\Users\Sascha\Downloads\145.zip
2013-08-21 16:21 - 2012-10-30 21:18 - 00002362 _____ C:\Users\Sascha\Desktop\Daten.txt
2013-08-20 21:45 - 2012-07-01 21:31 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-20 21:45 - 2012-07-01 21:31 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-20 21:45 - 2012-07-01 21:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-18 18:34 - 2013-07-25 18:21 - 00000000 ____D C:\Users\Sascha\AppData\Local\PAYDAY 2
2013-08-18 12:51 - 2013-08-18 12:51 - 00000000 __SHD C:\ProgramData\DSS
2013-08-18 12:51 - 2012-12-22 11:08 - 00000000 ____D C:\Users\Sascha\Documents\EA Games
2013-08-18 12:50 - 2012-12-22 22:54 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-18 12:47 - 2013-06-21 18:52 - 00111066 _____ C:\Windows\DirectX.log
2013-08-18 12:45 - 2013-08-18 12:45 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-08-17 12:09 - 2013-08-17 12:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-16 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-12 22:48 - 2013-06-15 17:00 - 00003112 _____ C:\Windows\PFRO.log
2013-08-12 17:06 - 2013-03-18 18:46 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-12 17:06 - 2012-12-09 15:47 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-11 18:15 - 2012-12-09 15:47 - 00291128 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-11 13:19 - 2013-03-18 18:46 - 00000000 ____D C:\Users\Sascha\AppData\Local\PunkBuster
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Users\Sascha\Documents\Arktos
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Users\Sascha\AppData\Local\CrashRpt
2013-08-11 13:18 - 2013-08-11 13:18 - 00000000 ____D C:\Users\Sascha\AppData\Local\Arktos
2013-08-11 13:18 - 2012-12-09 15:46 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-01 18:00

==================== End Of Log ============================
         
Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2013 01
Ran by Sascha at 2013-09-10 17:23:01
Running from C:\Users\Sascha\Desktop\Anticheat
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
[translation missing: EVERemoveOnly] (x32)
Adobe AIR (x32 Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Age of Empires II: HD Edition (x32)
Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD AVIVO64 Codecs (Version: 11.7.0.11229)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0806.1213.19931)
AMD Media Foundation Decoders (Version: 1.0.70727.2220)
AMD Steady Video Plug-In  (Version: 2.06.0000)
AMD VISION Engine Control Center (x32 Version: 2012.0806.1213.19931)
Android SDK Tools (x32 Version: 0.7)
Antichamber
Arma 2: DayZ Mod (x32)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.0.0)
Asmedia ASM106x SATA Host Controller Driver (x32 Version: 1.2.2.000)
ASUS PCE-AC66 WLAN Card Utilities/Driver (x32 Version: 2.0.2.4)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Binary Domain (x32)
Bing Bar (x32 Version: 7.1.361.0)
BioShock (x32)
BioShock Infinite (x32)
Borderlands (x32)
Borderlands 2 (x32)
Burnout Paradise: The Ultimate Box (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Camtasia Studio 8 (x32 Version: 8.0.4.1060)
Carrier Command: Gaea Mission (x32)
Castle Crashers (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1213.19931)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931)
CCC Help Czech (x32 Version: 2012.0806.1212.19931)
CCC Help Danish (x32 Version: 2012.0806.1212.19931)
CCC Help Dutch (x32 Version: 2012.0806.1212.19931)
CCC Help English (x32 Version: 2012.0806.1212.19931)
CCC Help Finnish (x32 Version: 2012.0806.1212.19931)
CCC Help French (x32 Version: 2012.0806.1212.19931)
CCC Help German (x32 Version: 2012.0806.1212.19931)
CCC Help Greek (x32 Version: 2012.0806.1212.19931)
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931)
CCC Help Italian (x32 Version: 2012.0806.1212.19931)
CCC Help Japanese (x32 Version: 2012.0806.1212.19931)
CCC Help Korean (x32 Version: 2012.0806.1212.19931)
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931)
CCC Help Polish (x32 Version: 2012.0806.1212.19931)
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931)
CCC Help Russian (x32 Version: 2012.0806.1212.19931)
CCC Help Spanish (x32 Version: 2012.0806.1212.19931)
CCC Help Swedish (x32 Version: 2012.0806.1212.19931)
CCC Help Thai (x32 Version: 2012.0806.1212.19931)
CCC Help Turkish (x32 Version: 2012.0806.1212.19931)
ccc-utility64 (Version: 2012.0806.1213.19931)
Chivalry: Medieval Warfare (x32)
Construct 2 Free (x32)
Corel Graphics - Windows Shell Extension (Version: 16.1.0.843)
Corel Graphics - Windows Shell Extension (Version: 16.1.843)
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843)
CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - DE (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1)
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1)
CorelDRAW Graphics Suite X6 (64-Bit) (Version: 16.1.0.843)
CorelDRAW Graphics Suite X6 (x64) (Version: 16.1)
Counter-Strike: Global Offensive (x32)
Cube World version 0.0.1 (x32 Version: 0.0.1)
DarksidersInstaller (x32 Version: 1.00.1000)
Dead Island Riptide (x32)
DmC Devil May Cry (x32)
Dropbox (HKCU Version: 2.0.22)
eaner (Version: 4.02)
Emergency 2013 (x32)
Endless Space (x32)
Far Cry® 3 (x32)
FileZilla Client 3.2.7.1 (x32 Version: 3.2.7.1)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
Fraps (remove only) (x32)
Free YouTube to MP3 Converter version 3.11.29.825 (x32 Version: 3.11.29.825)
Galcon Fusion (x32)
Game Dev Tycoon (x32)
GameSpy Comrade (x32 Version: 1.5.0.156)
GIMP 2.8.0 (Version: 2.8.0)
Gpg4win (2.1.1-34299-beta) (x32 Version: 2.1.1-34299-beta)
Guild Wars 2 (x32)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (x32 Version: 1)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (Version: 22.50.231.0)
HP Officejet Pro 8500 A910 Hilfe (x32 Version: 140.0.2.2)
HP Update (x32 Version: 5.002.006.003)
HydraVision (x32 Version: 4.2.220.0)
I Am Alive (x32)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
IB Updater Service (x32 Version: 3.0.5.4)
Infestation: Survivor Stories (x32)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (x32 Version: 11.1.048)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.0.6.1)
Java(TM) 6 Update 27 (x32 Version: 6.0.270)
Java(TM) SE Development Kit 6 Update 27 (x32 Version: 1.6.0.270)
Just Cause 2 (x32)
Kaspersky Anti-Virus 2012 (x32 Version: 12.0.0.374)
Killing Floor (x32)
Killing Floor Mod: Defence Alliance 2 (x32)
LightScribe System Software (x32 Version: 1.18.22.2)
Logitech G35 (Version: 1.1.178)
Logitech GamePanel Software 3.05.151 (Version: 3.05.151)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Look@LAN 2.50 Build 35 (x32)
MAGIX 3D Maker 7 (x32 Version: 7.0.0.476)
MAGIX Foto & Grafik Designer 2013 (Version: 8.1.2.22581)
MAGIX Foto & Grafik Designer 2013 (x32 Version: 8.1.2.22581)
MAGIX Music Maker 17 Premium (x32 Version: 17.0.0.16)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 17 Plus Sonderedition (x32 Version: 10.0.11.0)
Marketsplash Schnellzugriffe (x32 Version: 1.0.1.7)
Mars: War Logs (x32)
Max Local Application (x32 Version: 1.3.6)
Max Payne 3 (x32)
Medal of Honor(TM) Multiplayer (x32)
Medal of Honor(TM) Single Player (x32)
Metro: Last Light (x32)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00)
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0)
Microsoft Visual Basic for Applications 7.1 (x64) German (Version: 7.1.0.0)
Microsoft Visual Basic PowerPacks 10.0 (x32 Version: 10.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (x32 Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (x32 Version: 9.0.30729)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0)
Monaco (x32)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
myphotobook.de (x32 Version: 1.4.3)
myphotobook.de (x32 Version: 1.4.3.893)
Nero 12 (x32 Version: 12.5.01300)
Nero 12 Content Pack (x32 Version: 12.0.00400)
Nero Abstract Themes (x32 Version: 12.0.11500)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp (x32 Version: 12.5.1000)
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000)
Nero Blu-ray Player (x32 Version: 12.0.20012)
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000)
Nero Burning ROM (x32 Version: 12.5.5001)
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000)
Nero Cliparts (x32 Version: 12.0.11500)
Nero ControlCenter (x32 Version: 11.0.15600)
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000)
Nero Core Components (x32 Version: 11.0.20200)
Nero Disc Menus 1 (x32 Version: 12.0.11500)
Nero Disc Menus 2 (x32 Version: 12.0.11500)
Nero Disc Menus 3 (x32 Version: 12.0.11500)
Nero Disc Menus Basic (x32 Version: 12.0.11500)
Nero Effects Basic (x32 Version: 12.0.11500)
Nero Express (x32 Version: 12.5.5002)
Nero Express Help (CHM) (x32 Version: 12.0.13000)
Nero Family and Events Themes (x32 Version: 12.0.11500)
Nero Football (Soccer) Themes (x32 Version: 12.0.11500)
Nero Holiday and Sports Themes (x32 Version: 12.0.11500)
Nero Image Samples (x32 Version: 12.0.11500)
Nero Kwik Media (x32 Version: 1.18.20100)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.12000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero PiP Effects 1 (x32 Version: 12.0.11500)
Nero PiP Effects Basic (x32 Version: 12.0.11500)
Nero Platinum Effects 12 (x32 Version: 12.0.11500)
Nero Recode (x32 Version: 12.5.6000)
Nero Recode Help (CHM) (x32 Version: 12.0.12000)
Nero RescueAgent (x32 Version: 12.0.10002)
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000)
Nero Retro Film Themes (x32 Version: 12.0.11500)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero Update (x32 Version: 11.0.11800.31.0)
Nero Video (x32 Version: 12.5.2001)
Nero Video Help (CHM) (x32 Version: 12.0.12000)
Nero Video Samples (x32 Version: 12.0.11500)
Nero Video Transitions 1 (x32 Version: 12.0.11500)
neroxml (x32 Version: 1.0.0)
Notepad++ (x32 Version: 6.1.5)
NVIDIA PhysX (x32 Version: 9.12.1031)
Of Orcs And Men (x32)
Overwolf (x32 Version: 0.44.256)
PAWNit 0.8.4 Beta (x32 Version: 0.8.4)
PAYDAY 2 (x32)
PAYDAY 2 Beta (x32)
PAYDAY: The Heist (x32)
Poker Night 2 (x32)
PremiumSoft Navicat Lite 10.0 (x32)
Prerequisite installer (x32 Version: 12.0.0003)
PunkBuster Services (x32 Version: 0.993)
R.U.S.E (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6363)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
Saints Row IV (x32)
Six Updater (x32 Version: 2.09.7004)
Sleeping Dogs™ (x32)
Sound Blaster X-Fi MB 2 (x32 Version: 1.0)
Steam (x32 Version: 1.0.0.0)
Studie zur Verbesserung von HP Officejet Pro 8500 A910 Produkten (Version: 22.50.231.0)
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007)
SweetPacks bundle uninstaller (x32 Version: 1.0.0001)
Take On Mars (x32)
TeamViewer 8 (x32 Version: 8.0.16642)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
The Bureau: XCOM Declassified (x32)
The Haunted: Hells Reach (x32)
Tom Clancy's Rainbow Six: Lockdown (x32)
Tom Clancy's Rainbow Six: Vegas 2 (x32)
Tomb Raider (x32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
UltraEdit (HKCU Version: 19.10.1012)
UltraEdit (x32 Version: 19.10.1012)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008)
VLC media player 2.0.4 (x32 Version: 2.0.4)
Wargame: European Escalation (x32)
Welcome App (Start-up experience) (x32 Version: 12.0.15000)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WinSCP 4.3.8 (x32 Version: 4.3.8)
Wurm Online (HKCU)
XCOM: Enemy Unknown (x32)

==================== Restore Points  =========================

27-08-2013 10:55:33 Windows Update
03-09-2013 13:25:32 Windows Update
03-09-2013 15:36:08 Free System Utilities
10-09-2013 14:58:33 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {2B85FD2D-FA83-4BBC-989F-092DD5AF72D6} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {48D78828-9F2C-46DC-9DB5-D4921D3A21F8} - System32\Tasks\PCEAC66WLANMGR => C:\Program Files (x86)\ASUS\PCE-AC66 WLAN Card Utilities\WlanMgr.exe [2013-01-24] (ASUS)
Task: {554B1F98-F94A-430B-B02D-BC39D31576C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {6C192C35-E959-4D74-B142-7652CB2F2CDA} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-09-10] ()
Task: {8E202E14-8FA2-4923-ABDC-73CCCC6BDDAD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {BE14F86A-41D8-40EF-9802-6ACE0F052DDC} - System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910 => C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {EF011C53-F3EB-4E1F-8305-AA0BF69B62E5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {F3F97ECA-9729-4DA5-9CCE-4B55687B1E9F} - System32\Tasks\Freemium1ClickMaint => C:\Users\Sascha\Downloads\1Click.exe
Task: {FE1F87E0-69CE-41BF-B80F-AC11DD1ADD89} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-08-07] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2009-08-23 19:24 - 2009-08-23 19:24 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-07-05 19:10 - 2012-06-07 21:46 - 00192208 _____ (Martin Prikryl) C:\Program Files (x86)\WinSCP\DragExt64.dll
2012-07-30 02:02 - 2012-07-30 02:02 - 00234424 _____ (Corel Corporation) c:\Program Files\Common Files\Corel\Shared\Shell Extension\x64\ShellXP.dll
2012-07-30 02:01 - 2012-07-30 02:01 - 00752072 _____ (Corel Corporation) c:\Program Files\Common Files\Corel\Shared\Shell Extension\x64\FileInfoProvider.dll
2012-07-14 18:03 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) C:\Program Files\WinRAR\rarext.dll
2012-07-01 15:20 - 2009-10-15 13:38 - 00017920 ____N (Creative Technology Ltd.) C:\Windows\system32\THXCfg64.dll
2012-07-01 15:20 - 2009-02-26 12:08 - 00017920 ____N (Creative Technology Ltd.) C:\Windows\system32\AmbRunE.dll
2011-04-24 23:14 - 2013-04-18 19:01 - 00169912 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\scrchpg.dll
2011-04-24 23:14 - 2011-04-24 23:14 - 00189840 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\prremote.dll
2011-04-24 23:14 - 2011-04-24 23:14 - 00405904 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\prloader.dll
2011-04-24 23:13 - 2013-04-18 18:57 - 00147896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\scrchpg.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00030096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klscav.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00147856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\prremote.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00270736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\prloader.dll
2011-04-24 23:14 - 2013-09-10 01:00 - 01118400 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\params.ppl
2011-04-24 23:14 - 2013-04-18 19:00 - 00042896 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\pxstub.ppl
2011-04-24 23:13 - 2013-09-10 01:00 - 00274624 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\service.dll
2011-04-24 23:13 - 2013-09-10 01:00 - 00979136 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\eka_meta.dll
2011-04-24 23:13 - 2013-04-18 18:58 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ushata.dll
2011-04-24 23:12 - 2011-04-24 23:12 - 00012688 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avpinit.dll
2011-04-24 23:12 - 2013-04-18 18:54 - 00455096 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avpmain.dll
2011-04-24 23:13 - 2013-04-18 18:57 - 00098744 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\fssync.dll
2011-04-24 23:12 - 2011-04-24 23:12 - 00123280 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\DumpWriter.dll
2011-04-24 23:12 - 2011-04-24 23:12 - 00019856 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\CLLDR.DLL
2011-04-24 23:14 - 2011-04-24 23:14 - 00115088 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\nfio.ppl
2011-04-24 23:13 - 2011-04-24 23:13 - 00021392 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\fsdrvplg.ppl
2011-04-24 23:14 - 2011-04-24 23:14 - 00038288 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\winreg.ppl
2011-04-24 23:13 - 2011-04-24 23:13 - 00315792 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\esmgr.dll
2011-04-24 23:13 - 2013-09-10 01:00 - 04460736 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avpgui.ppl
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll
2011-04-24 23:13 - 2013-04-18 18:59 - 02154936 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\basegui.ppl
2011-04-24 23:14 - 2011-04-24 23:14 - 00041360 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\thpimpl.ppl
2011-04-24 23:13 - 2011-04-24 23:13 - 00074128 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\memmon.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00582032 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\localization_manager.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll
2011-04-24 23:14 - 2011-04-24 23:14 - 00090512 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\propmap.ppl
2013-02-05 09:25 - 2013-02-05 09:25 - 00773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jmdp\MSVCR100.dll
2013-05-27 10:56 - 2013-05-27 10:56 - 00382976 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2013-02-05 09:25 - 2013-02-05 09:25 - 00362029 _____ () C:\Windows\SysWOW64\jmdp\sqlite3.dll
2013-02-05 09:25 - 2013-02-05 09:25 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jmdp\MSVCP100.dll
2013-04-24 17:06 - 2013-04-15 18:37 - 01444360 ___SH (Microsoft Corporation) \\?\C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-21-3486586727-2579387296-1185174997-1000\Indiv01.key
2011-04-24 23:13 - 2011-04-24 23:13 - 00229776 _____ (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
2013-08-17 12:09 - 2013-08-17 12:09 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-05-25 02:36 - 2013-05-25 02:36 - 00130736 _____ (Dropbox, Inc.) C:\Users\Sascha\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
2012-07-13 17:27 - 2012-07-13 17:27 - 00048024 _____ (Nero AG) C:\Program Files (x86)\Nero\Update\NASvcPS.dll
2013-07-16 16:34 - 2011-01-03 19:17 - 00104448 _____ (Printing Communications Assoc., Inc. (PCAUSA)) C:\Program Files (x86)\ASUS\PCE-AC66 WLAN Card Utilities\ASUSW32N55.DLL

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Xbox 360 Wireless Receiver for Windows
Description: Xbox 360 Wireless Receiver for Windows
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/10/2013 05:06:46 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Kaspersky Anti-Virus wurde wegen dieses Fehlers geschlossen.

Programm: Kaspersky Anti-Virus
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (09/10/2013 05:06:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avp.exe, Version: 12.0.1.513, Zeitstempel: 0x506c673b
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000096
Fehleroffset: 0x00048665
ID des fehlerhaften Prozesses: 0x77c
Startzeit der fehlerhaften Anwendung: 0xavp.exe0
Pfad der fehlerhaften Anwendung: avp.exe1
Pfad des fehlerhaften Moduls: avp.exe2
Berichtskennung: avp.exe3

Error: (09/10/2013 05:05:14 PM) (Source: Application Hang) (User: )
Description: Programm WinSCP.exe, Version 4.3.8.1771 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7980

Startzeit: 01cead6a58d84626

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\WinSCP\WinSCP.exe

Berichts-ID: 62a6a6e1-1a2a-11e3-a208-c8a407facc35

Error: (09/08/2013 07:22:56 PM) (Source: Application Hang) (User: )
Description: Programm SaintsRowIV.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 428c

Startzeit: 01ceacb61141f283

Endzeit: 1020

Anwendungspfad: E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Berichts-ID:

Error: (09/08/2013 01:04:34 PM) (Source: MsiInstaller) (User: Sascha-PC)
Description: Produkt: NVIDIA PhysX -- Fehler 1316. Beim Lesen der Datei E:\steam\steamapps\common\The Bureau\_CommonRedist\PhysX\9.12.1031\PhysX_9.12.1031_SystemSoftware.msi ist ein Netzwerkfehler aufgetreten

Error: (09/07/2013 07:35:44 PM) (Source: MsiInstaller) (User: Sascha-PC)
Description: Produkt: NVIDIA PhysX -- Fehler 1316. Beim Lesen der Datei E:\steam\steamapps\common\The Bureau\_CommonRedist\PhysX\9.12.1031\PhysX_9.12.1031_SystemSoftware.msi ist ein Netzwerkfehler aufgetreten

Error: (09/07/2013 07:35:24 PM) (Source: Application Hang) (User: )
Description: Programm SaintsRowIV.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6f8c

Startzeit: 01ceabef98453be9

Endzeit: 1010

Anwendungspfad: E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Berichts-ID:

Error: (09/07/2013 05:39:15 PM) (Source: Application Hang) (User: )
Description: Programm SaintsRowIV.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6ab8

Startzeit: 01ceabd6f8a503b2

Endzeit: 1326

Anwendungspfad: E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Berichts-ID:

Error: (09/07/2013 02:16:16 PM) (Source: Application Hang) (User: )
Description: Programm SaintsRowIV.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: afdc

Startzeit: 01ceabbba3ca5ba4

Endzeit: 1220

Anwendungspfad: E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Berichts-ID:

Error: (09/07/2013 01:15:16 PM) (Source: Application Hang) (User: )
Description: Programm SaintsRowIV.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 5254

Startzeit: 01ceabb3f3b25d16

Endzeit: 1290

Anwendungspfad: E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Berichts-ID:


System errors:
=============
Error: (09/10/2013 05:23:07 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:23:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:19 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (09/10/2013 05:22:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BCM42RLY" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (09/10/2013 05:06:46 PM) (Source: Application Error)(User: )
Description: Kaspersky Anti-Virus000000000

Error: (09/10/2013 05:06:46 PM) (Source: Application Error)(User: )
Description: avp.exe12.0.1.513506c673bole32.dll6.1.7601.175144ce7b96fc00000960004866577c01ceaa2d862599b3C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exeC:\Windows\syswow64\ole32.dll9c00b27d-1a2a-11e3-a208-c8a407facc35

Error: (09/10/2013 05:05:14 PM) (Source: Application Hang)(User: )
Description: WinSCP.exe4.3.8.1771798001cead6a58d846264C:\Program Files (x86)\WinSCP\WinSCP.exe62a6a6e1-1a2a-11e3-a208-c8a407facc35

Error: (09/08/2013 07:22:56 PM) (Source: Application Hang)(User: )
Description: SaintsRowIV.exe1.0.0.1428c01ceacb61141f2831020E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Error: (09/08/2013 01:04:34 PM) (Source: MsiInstaller)(User: Sascha-PC)
Description: Produkt: NVIDIA PhysX -- Fehler 1316. Beim Lesen der Datei E:\steam\steamapps\common\The Bureau\_CommonRedist\PhysX\9.12.1031\PhysX_9.12.1031_SystemSoftware.msi ist ein Netzwerkfehler aufgetreten(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/07/2013 07:35:44 PM) (Source: MsiInstaller)(User: Sascha-PC)
Description: Produkt: NVIDIA PhysX -- Fehler 1316. Beim Lesen der Datei E:\steam\steamapps\common\The Bureau\_CommonRedist\PhysX\9.12.1031\PhysX_9.12.1031_SystemSoftware.msi ist ein Netzwerkfehler aufgetreten(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/07/2013 07:35:24 PM) (Source: Application Hang)(User: )
Description: SaintsRowIV.exe1.0.0.16f8c01ceabef98453be91010E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Error: (09/07/2013 05:39:15 PM) (Source: Application Hang)(User: )
Description: SaintsRowIV.exe1.0.0.16ab801ceabd6f8a503b21326E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Error: (09/07/2013 02:16:16 PM) (Source: Application Hang)(User: )
Description: SaintsRowIV.exe1.0.0.1afdc01ceabbba3ca5ba41220E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe

Error: (09/07/2013 01:15:16 PM) (Source: Application Hang)(User: )
Description: SaintsRowIV.exe1.0.0.1525401ceabb3f3b25d161290E:\steam\steamapps\common\Saints Row IV\SaintsRowIV.exe


==================== Memory info =========================== 

Percentage of memory in use: 20%
Total physical RAM: 12232.28 MB
Available physical RAM: 9731.7 MB
Total Pagefile: 24462.74 MB
Available Pagefile: 20660.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.34 GB) (Free:98.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Programme) (Fixed) (Total:642.61 GB) (Free:69.64 GB) NTFS
Drive f: (Dateien) (Fixed) (Total:911.98 GB) (Free:263.46 GB) NTFS
Drive i: (INTENSO) (Removable) (Total:14.44 GB) (Free:14.27 GB) FAT32
Drive j: (My Passport) (Fixed) (Total:465.73 GB) (Free:90.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: D73F389F)
Partition 1: (Not Active) - (Size=912 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9859A435)
Partition 1: (Not Active) - (Size=100 MB) - (Type=06)
Partition 2: (Active) - (Size=231 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=643 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 00038A56)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 14 GB) (Disk ID: 990D2936)
Partition 1: (Not Active) - (Size=14 GB) - (Type=0B)

==================== End Of Log ============================
         
Gmer.txt:
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-10 17:43:59
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\00000074 WDC_WD10 rev.05.0 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Sascha\AppData\Local\Temp\fwdiqpog.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 682                                                                fffff800033b208a 7 bytes [00, 00, 00, 00, 00, 00, 03]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 690                                                                fffff800033b2092 4 bytes [00, 00, 00, 00]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 682                                                                fffff800033b208a 7 bytes [00, 00, 00, 00, 00, 00, 03]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 690                                                                fffff800033b2092 4 bytes [00, 00, 00, 00]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe[2936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000077771465 2 bytes [77, 77]
.text     C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe[2936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe[2936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000077771465 2 bytes [77, 77]
.text     C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe[2936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Windows\SysWOW64\jmdp\stij.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                   
.text     C:\Windows\SysWOW64\jmdp\stij.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                   0000000077771465 2 bytes [77, 77]
.text     C:\Windows\SysWOW64\jmdp\stij.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                  
.text     C:\Windows\SysWOW64\jmdp\stij.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                  00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               
.text     ...                                                                                                                               * 2
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[23508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              0000000077771465 2 bytes [77, 77]
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[23508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[23508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69              0000000077771465 2 bytes [77, 77]
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[23508] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155             00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[8404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69               0000000077771465 2 bytes [77, 77]
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[8404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155              00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[8404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69               0000000077771465 2 bytes [77, 77]
.text     C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE[8404] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155              00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Users\Sascha\Desktop\Anticheat\Defogger.exe[42976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                     0000000077771465 2 bytes [77, 77]
.text     C:\Users\Sascha\Desktop\Anticheat\Defogger.exe[42976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                    00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2
.text     C:\Users\Sascha\Desktop\Anticheat\Defogger.exe[42976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                     0000000077771465 2 bytes [77, 77]
.text     C:\Users\Sascha\Desktop\Anticheat\Defogger.exe[42976] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                    00000000777714bb 2 bytes [77, 77]
.text     ...                                                                                                                               * 2

---- Threads - GMER 2.1 ----

Thread    C:\Windows\System32\spoolsv.exe [1720:1936]                                                                                       000007fef88610c8
Thread    C:\Windows\System32\spoolsv.exe [1720:2056]                                                                                       000007fef8826144
Thread    C:\Windows\System32\spoolsv.exe [1720:2060]                                                                                       000007fefa385fd0
Thread    C:\Windows\System32\spoolsv.exe [1720:2068]                                                                                       000007fefa373438
Thread    C:\Windows\System32\spoolsv.exe [1720:2072]                                                                                       000007fefa3863ec
Thread    C:\Windows\System32\spoolsv.exe [1720:2084]                                                                                       000007fefa373438
Thread    C:\Windows\System32\spoolsv.exe [1720:2088]                                                                                       000007fefa3863ec
Thread    C:\Windows\System32\spoolsv.exe [1720:2112]                                                                                       000007fef9995e5c
Thread    C:\Windows\System32\spoolsv.exe [1720:2116]                                                                                       000007fef9c25074
Thread                                                                                                                                      
Thread    C:\Windows\System32\spoolsv.exe [1720:1936]                                                                                       000007fef88610c8
Thread                                                                                                                                      
Thread    C:\Windows\System32\spoolsv.exe [1720:2056]                                                                                       000007fef8826144
Thread    C:\Windows\System32\spoolsv.exe [1720:2060]                                                                                       000007fefa385fd0
Thread    C:\Windows\system32\svchost.exe [3984:1880]                                                                                       
Thread    C:\Windows\System32\spoolsv.exe [1720:2068]                                                                                       000007fefa373438
Thread    C:\Windows\system32\svchost.exe [3984:3880]                                                                                       
Thread    C:\Windows\System32\spoolsv.exe [1720:2072]                                                                                       000007fefa3863ec
Thread    C:\Windows\system32\svchost.exe [3984:3896]                                                                                       
Thread    C:\Windows\System32\spoolsv.exe [1720:2084]                                                                                       000007fefa373438
Thread    C:\Windows\System32\spoolsv.exe [1720:2088]                                                                                       000007fefa3863ec
Thread    C:\Windows\System32\spoolsv.exe [1720:2112]                                                                                       000007fef9995e5c
Thread    C:\Windows\System32\spoolsv.exe [1720:2116]                                                                                       000007fef9c25074
Thread    C:\Windows\System32\WUDFHost.exe [4880:4912]                                                                                      000007fefbed2a7c
Thread    C:\Windows\System32\WUDFHost.exe [4880:5296]                                                                                      000000007284ee4c
Thread    C:\Windows\System32\WUDFHost.exe [4880:5364]                                                                                      0000000180007448
Thread    C:\Windows\System32\WUDFHost.exe [4880:5368]                                                                                      0000000180007448
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [6132:6284]                                                                    000007fefbed2a7c
Thread    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6020:5248]                                               000007fef49eb6cc
Thread    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6020:3456]                                               000007fef48ab62c
Thread    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6020:5696]                                               000007fef48ab62c
Thread    C:\Windows\system32\taskhost.exe [3756:3800]                                                                                      000007fefa442f9c
Thread    C:\Windows\system32\taskhost.exe [3756:3804]                                                                                      000007fefc266204
Thread    C:\Windows\system32\svchost.exe [3984:1880]                                                                                       000007fefa385fd0
Thread    C:\Windows\system32\svchost.exe [3984:3880]                                                                                       000007fefa373438
Thread    C:\Windows\system32\svchost.exe [3984:3896]                                                                                       000007fefa3863ec
Thread    C:\Windows\System32\WUDFHost.exe [4880:4912]                                                                                      000007fefbed2a7c
Thread    C:\Windows\System32\WUDFHost.exe [4880:5296]                                                                                      000000007284ee4c
Thread    C:\Windows\System32\WUDFHost.exe [4880:5364]                                                                                      0000000180007448
Thread    C:\Windows\System32\WUDFHost.exe [4880:5368]                                                                                      0000000180007448
Thread    C:\Program Files\Windows Media Player\wmpnetwk.exe [6132:6284]                                                                    000007fefbed2a7c
Thread    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6020:5248]                                               000007fef49eb6cc
Thread    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6020:3456]                                               000007fef48ab62c
Thread    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6020:5696]                                               000007fef48ab62c

---- EOF - GMER 2.1 ----
         
I hope for quick help and thank you in advance; it's great that there are people like you.

Kind regards
Sascha "Goeol"

 
