Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Viel Werbung und Videos im Hintergrund

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.09.2013, 16:51   #1
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Hallo,

seit einiger Zeit habe ich vermehrt Werbung in Foren und Facebook. Zudem tritt seit ein paar Tagen ab und an der Sound von Werbevideos auf, die ich aber nicht sehe, sondern nur höre. Dagegen hilft nur den Tab zu schließen. Ich surfe mit Chrome.

Virenschutz habe ich Norton Internet Security, aber scheinbar ist da trotzdem irgendwo noch was versteckt. Norton findet zwar immer wieder Tracking Cookies, aber behoben ist das Problem dadurch nicht.

Hier kommt der Buchstabenhaufen der Logs ich hoffe ihr könnt mir weiterhelfen

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01
Ran by Janine (administrator) on FUJI on 20-09-2013 17:18:01
Running from C:\Users\Janine\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-25] (Google Inc.)
MountPoints2: E - E:\FRT_Install.exe
MountPoints2: {170b0609-0c79-11e1-83ba-e839df082830} - E:\FRT_Install.exe
MountPoints2: {170b061d-0c79-11e1-83ba-e839df082830} - E:\FRT_Install.exe
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [80480 2013-06-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD9EC287D89D3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {037625DB-2B90-4770-9E24-FB120449EF98} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {037625DB-2B90-4770-9E24-FB120449EF98} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR Extension: (YouTube) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Norton Identity Protection) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx

==================== Services (Whitelisted) =================

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-04] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-04] (Symantec Corporation)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130919.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130919.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-03-19] (Sony Ericsson Mobile Communications)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-20 17:17 - 2013-09-20 17:17 - 01950622 _____ (Farbar) C:\Users\Janine\Downloads\FRST64.exe
2013-09-20 17:17 - 2013-09-20 17:17 - 00000000 ____D C:\FRST
2013-09-20 17:16 - 2013-09-20 17:16 - 01083549 _____ (Farbar) C:\Users\Janine\Downloads\FRST.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00050477 _____ C:\Users\Janine\Downloads\Defogger.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00000474 _____ C:\Users\Janine\Downloads\defogger_disable.log
2013-09-20 17:15 - 2013-09-20 17:15 - 00000000 _____ C:\Users\Janine\defogger_reenable
2013-09-18 21:08 - 2013-09-18 21:08 - 01039554 _____ C:\Users\Janine\Downloads\adwcleaner.exe
2013-09-12 07:08 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 07:08 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 07:08 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 07:08 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 07:08 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 07:08 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 07:08 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 07:08 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 07:08 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 07:08 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 07:08 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 07:08 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 19:20 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 19:20 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 19:20 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 19:20 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 19:20 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 19:20 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 19:20 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 19:20 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 19:20 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 19:20 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 19:20 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 19:20 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 19:20 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:20 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 19:20 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 19:20 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 19:20 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-03 18:45 - 2013-09-03 18:45 - 00000000 ____D C:\Program Files (x86)\USB Audio
2013-08-30 06:44 - 2013-09-18 21:10 - 00000000 ____D C:\AdwCleaner
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Malwarebytes
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 19:17 - 2013-08-29 19:17 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Janine\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 18:59 - 2013-08-29 18:59 - 00688992 ____R (Swearware) C:\Users\Janine\Downloads\dds.exe
2013-08-25 08:42 - 2013-08-25 08:42 - 00001657 _____ C:\Users\Public\Desktop\iMesh.lnk

==================== One Month Modified Files and Folders =======

2013-09-20 17:17 - 2013-09-20 17:17 - 01950622 _____ (Farbar) C:\Users\Janine\Downloads\FRST64.exe
2013-09-20 17:17 - 2013-09-20 17:17 - 00000000 ____D C:\FRST
2013-09-20 17:16 - 2013-09-20 17:16 - 01083549 _____ (Farbar) C:\Users\Janine\Downloads\FRST.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00050477 _____ C:\Users\Janine\Downloads\Defogger.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00000474 _____ C:\Users\Janine\Downloads\defogger_disable.log
2013-09-20 17:15 - 2013-09-20 17:15 - 00000000 _____ C:\Users\Janine\defogger_reenable
2013-09-20 17:15 - 2011-02-23 20:11 - 00000000 ____D C:\Users\Janine
2013-09-20 16:50 - 2011-06-25 09:39 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA.job
2013-09-20 16:43 - 2012-03-30 06:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-20 16:09 - 2011-02-23 20:08 - 01096322 _____ C:\Windows\WindowsUpdate.log
2013-09-20 15:37 - 2011-03-19 18:26 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2013-09-20 15:37 - 2011-03-19 18:23 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson
2013-09-20 15:37 - 2011-02-23 20:12 - 00000000 ___RD C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-20 11:04 - 2012-03-30 06:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 11:03 - 2012-03-30 06:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 11:03 - 2011-06-03 23:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 11:02 - 2011-06-25 09:39 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core.job
2013-09-19 11:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-19 08:18 - 2009-07-14 06:51 - 00175097 _____ C:\Windows\setupact.log
2013-09-18 22:46 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-18 22:46 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-18 21:13 - 2012-10-12 17:29 - 00000000 ____D C:\Users\Janine\FM_Transmitter_02
2013-09-18 21:13 - 2012-08-17 09:21 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-18 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-18 21:12 - 2011-03-01 21:50 - 00085132 _____ C:\Windows\PFRO.log
2013-09-18 21:10 - 2013-08-30 06:44 - 00000000 ____D C:\AdwCleaner
2013-09-18 21:08 - 2013-09-18 21:08 - 01039554 _____ C:\Users\Janine\Downloads\adwcleaner.exe
2013-09-12 18:43 - 2011-02-23 20:12 - 00000000 ___RD C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 18:42 - 2009-07-14 06:45 - 00294344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 07:07 - 2013-07-27 03:10 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 06:58 - 2011-02-23 21:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-08 09:39 - 2011-09-01 19:21 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Winamp
2013-09-03 18:45 - 2013-09-03 18:45 - 00000000 ____D C:\Program Files (x86)\USB Audio
2013-09-03 17:56 - 2012-01-31 14:14 - 00000000 ____D C:\Users\Janine\Documents\Konto Janine
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Malwarebytes
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 19:17 - 2013-08-29 19:17 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Janine\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 18:59 - 2013-08-29 18:59 - 00688992 ____R (Swearware) C:\Users\Janine\Downloads\dds.exe
2013-08-25 08:42 - 2013-08-25 08:42 - 00001657 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-08-23 07:04 - 2013-07-10 07:07 - 00000000 ____D C:\Users\Janine\AppData\Local\NPE
2013-08-21 19:33 - 2009-07-14 19:58 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-08-21 19:33 - 2009-07-14 19:58 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-08-21 19:33 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\Janine\AppData\Local\Temp\AskSLib.dll
C:\Users\Janine\AppData\Local\Temp\install_flashplayer11x32axau_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Janine\AppData\Local\Temp\install_flashplayer11x32ax_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Janine\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-19 11:35

==================== End Of Log ============================
         

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01
Ran by Janine at 2013-09-20 17:18:55
Running from C:\Users\Janine\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112)
Advertising Center (x32 Version: 0.0.0.1)
Avanquest update (x32 Version: 1.28)
AVS Screen Capture version 2.0.1 (x32)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS Video Recorder 2.4 (x32)
AVS Video ReMaker 4.0.2.126 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Content Manager 2 (x32 Version: 3.4.1.11834)
D3DX10 (x32 Version: 15.4.2368.0902)
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7)
Free M4a to MP3 Converter 7.1 (x32)
Free Mp3 Wma Converter V 2.2 (x32 Version: 2.2.0.0)
Free YouTube to MP3 Converter version 3.9.33 (x32)
GIMP 2.8.6 (Version: 2.8.6)
Google Chrome (HKCU Version: 29.0.1547.66)
ImagXpress (x32 Version: 7.0.74.0)
Java 7 Update 15 (x32 Version: 7.0.150)
Java Auto Updater (x32 Version: 2.1.9.0)
Lyrics Finder (x32)
Media Go (x32 Version: 2.1.392)
Media Go Video Playback Engine 1.88.116.12060 (x32 Version: 1.88.116.12060)
MFC RunTime files (x32 Version: 1.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MP4 To MP3 Converter V3.0 (x32)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Naviextras Toolbox Prerequesities (x32 Version: 1.0.0)
Nero 9 Essentials (x32)
Nero BurnRights (x32 Version: 3.4.10.100)
Nero BurnRights Help (x32 Version: 3.4.4.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 4.4.9.203)
Nero CoverDesigner Help (x32 Version: 4.4.6.100)
Nero DiscSpeed (x32 Version: 5.4.7.202)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.10.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero InfoTool (x32 Version: 6.4.7.204)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero StartSmart (x32 Version: 9.4.11.207)
Nero StartSmart Help (x32 Version: 9.4.1.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
neroxml (x32 Version: 1.0.0)
Norton Internet Security (x32 Version: 20.4.0.40)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
PlayStation(R)Network Downloader (x32 Version: 2.07.00849)
PlayStation(R)Store (x32 Version: 4.7.14.14146)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.15.0)
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 5.10 (x32 Version: 5.10.116)
Sony PC Companion 2.10.108 (x32 Version: 2.10.108)
Spotify (HKCU Version: 0.8.4.124.ga3559d86)
swMSM (x32 Version: 12.0.0.1)
Uninstall 1.0.0.1 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Zip Opener (HKCU)
Ver 1.2.0 (x32)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinRAR
WISO Steuer-Sparbuch 2011 (x32 Version: 18.00.6928)
WISO Steuer-Sparbuch 2012 (x32 Version: 19.00.7304)
WISO Steuer-Sparbuch 2013 (x32 Version: 20.00.8137)

==================== Restore Points  =========================

24-08-2013 12:56:01 Geplanter Prüfpunkt
02-09-2013 14:27:34 Geplanter Prüfpunkt
12-09-2013 04:42:59 Windows Modules Installer
12-09-2013 04:49:31 Windows Modules Installer
19-09-2013 09:42:06 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {4F74EC6C-39AE-4805-B88C-B5E1AB106398} - System32\Tasks\{46BFADCD-A8AB-474A-8B35-B4C9F64196C3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {554D27B3-117B-46BE-85EE-C240EA7E0B2D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25] (Google Inc.)
Task: {69019E76-8D07-498E-A649-01FB6810A3C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25] (Google Inc.)
Task: {7BA9D501-A71D-49E1-99BE-45FFD2971C3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {9CA17B01-7F3B-46D9-9A9C-C9B0C09585C1} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {B94597EA-A5DE-41E2-8DA1-89558228BD64} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {C5373CC3-CA53-4BAB-AA74-707088BDF4C0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {CD122EE0-D50A-4645-8FDC-67EF5D2E3EDB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {F9533743-4F24-4805-8864-940CD3E4E304} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core.job => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA.job => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2010-08-25 20:05 - 2010-08-25 20:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrDEU.lrc
2013-02-27 18:32 - 2013-02-13 13:35 - 08907856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wgui13.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 00028672 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rsdcom48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 02583552 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtCorers48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 09005056 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtGuirs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 01031680 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtNetworkrs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 00355840 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtXmlrs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 00755712 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtSqlrs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 01342464 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtScriptrs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 02403840 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\Qt3Supportrs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 13112832 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtWebKitrs48.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 00109056 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtTestrs48.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 00308816 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rscorewinapi48.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 00321104 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2013-02-27 18:32 - 2013-02-13 13:36 - 02980944 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wcore13.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 00136272 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rsodbc48.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 02152528 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wfvie13.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 00283136 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtSvgrs48.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 01604176 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wsteu13.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 01716304 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wreli13.dll
2013-02-27 18:32 - 2013-02-12 13:25 - 04128848 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wauff13.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 00272384 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\phononrs48.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 01041408 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 00094208 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 15:30 - 2013-01-16 10:51 - 00075264 _____ (Zlib) C:\Program Files (x86)\WISO\Steuersoftware 2013\zlib.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 00251392 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 01467984 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wmain13.dll
2013-02-27 18:33 - 2012-11-01 15:32 - 02635264 ____N (Digia Plc) C:\Program Files (x86)\WISO\Steuersoftware 2013\QtXmlpatternsrs48.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 04923984 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae113.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01367632 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae213.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01747024 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae313.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01556048 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae413.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01150032 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\whau113.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01202768 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\whau213.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 01310800 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wwerb13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 06758480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wkont13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01230848 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wimp13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01313872 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wfabu13.dll
2011-01-17 17:19 - 2011-11-07 20:24 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-07-09 06:59 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2013-09-04 06:42 - 2013-09-02 22:34 - 47074256 _____ (Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 09962960 _____ (The ICU Project) C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
2013-09-16 19:39 - 2013-09-16 19:39 - 00982864 _____ (Symantec Corporation) C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0\npcoplgn.dll
2013-09-04 06:42 - 2013-09-02 20:46 - 00081768 _____ (Microsoft Corporation) C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\xinput1_3.dll
2013-09-04 06:42 - 2013-09-02 20:46 - 03231688 _____ (Microsoft Corporation) C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 00709584 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 00099792 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 04053456 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 00410576 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 02110928 _____ (Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
2013-09-04 06:42 - 2013-09-02 22:35 - 01604560 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
2013-07-09 06:59 - 2012-05-30 08:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/19/2013 11:35:05 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (09/19/2013 04:36:57 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16686, Zeitstempel: 0x52058cf0
Name des fehlerhaften Moduls: MMDevApi.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b892
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00023b0c
ID des fehlerhaften Prozesses: 0xbb30
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/19/2013 04:12:21 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16686, Zeitstempel: 0x52058cf0
Name des fehlerhaften Moduls: MMDevApi.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b892
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00023b0c
ID des fehlerhaften Prozesses: 0x214
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/12/2013 06:59:47 PM) (Source: MsiInstaller) (User: Fuji)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/12/2013 06:45:34 PM) (Source: MsiInstaller) (User: Fuji)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011004}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (09/12/2013 06:41:28 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).

Error: (09/07/2013 01:37:36 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (08/30/2013 07:52:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (08/29/2013 09:55:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (08/24/2013 02:49:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.


System errors:
=============
Error: (09/20/2013 04:09:38 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/20/2013 11:47:22 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/20/2013 11:02:15 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/19/2013 05:51:03 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/19/2013 00:40:10 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/19/2013 08:18:50 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/18/2013 10:38:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (09/18/2013 07:30:14 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/18/2013 01:53:25 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/18/2013 01:53:24 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (09/19/2013 11:35:05 AM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (09/19/2013 04:36:57 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0MMDevApi.dll6.1.7601.175144ce7b892c000000500023b0cbb3001ceb4ddb545d12dC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\System32\MMDevApi.dll59d7a5e1-20d4-11e3-9a9a-e839df082830

Error: (09/19/2013 04:12:21 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0MMDevApi.dll6.1.7601.175144ce7b892c000000500023b0c21401ceb4afb3ce5d82C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\System32\MMDevApi.dlle9f22804-20d0-11e3-9a9a-e839df082830

Error: (09/12/2013 06:59:47 PM) (Source: MsiInstaller)(User: Fuji)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL)

Error: (09/12/2013 06:45:34 PM) (Source: MsiInstaller)(User: Fuji)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011004}1625(NULL)(NULL)(NULL)

Error: (09/12/2013 06:41:28 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (09/07/2013 01:37:36 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (08/30/2013 07:52:54 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (08/29/2013 09:55:35 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (08/24/2013 02:49:07 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 3892.55 MB
Available physical RAM: 1901.51 MB
Total Pagefile: 7783.29 MB
Available Pagefile: 5644.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:403.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0DCE7163)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-09-20 17:35:02
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS545050B9A300 rev.PB4OC61J 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Janine\AppData\Local\Temp\pxldypod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 544                                                            fffff80002fb8000 45 bytes [00, 00, 37, 00, 4D, 6D, 43, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 591                                                            fffff80002fb802f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                          000000007714fcb0 5 bytes JMP 00000001002a091c
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory                        000000007714fe14 5 bytes JMP 00000001002a0048
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent                                 000000007714fea8 5 bytes JMP 00000001002a02ee
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread                              0000000077150004 5 bytes JMP 00000001002a04b2
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                      0000000077150038 5 bytes JMP 00000001002a09fe
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread                              0000000077150068 5 bytes JMP 00000001002a0ae0
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread                           0000000077150084 5 bytes JMP 0000000100020050
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant                              000000007715079c 5 bytes JMP 00000001002a012a
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject                  000000007715088c 5 bytes JMP 00000001002a0758
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx                            00000000771508a4 5 bytes JMP 00000001002a0676
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver                                0000000077150df4 5 bytes JMP 00000001002a03d0
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread                          0000000077151920 5 bytes JMP 00000001002a0594
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation                      0000000077151be4 5 bytes JMP 00000001002a083a
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread                             0000000077151d70 5 bytes JMP 00000001002a020c
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity + 206            000000007539524f 7 bytes JMP 00000001002a0f52
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA + 380                00000000753953d0 7 bytes JMP 00000001002b0210
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 149               0000000075395677 1 byte JMP 00000001002b0048
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W + 151               0000000075395679 5 bytes {JMP 0xffffffff8af1a9d1}
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!CreateServiceA + 542                      000000007539589a 7 bytes JMP 00000001002a0ca6
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!CreateServiceW + 382                      0000000075395a1d 7 bytes JMP 00000001002b03d8
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!QueryServiceConfigW + 370                 0000000075395c9b 7 bytes JMP 00000001002b012c
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!ControlServiceExA + 231                   0000000075395d87 7 bytes JMP 00000001002b02f4
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\SysWOW64\sechost.dll!I_ScBroadcastServiceControlMessage + 123  0000000075397240 7 bytes JMP 00000001002a0e6e
.text     C:\Users\Janine\Downloads\gmer_2.1.19163.exe[14900] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882                 0000000076bf1492 7 bytes JMP 00000001002b04bc

---- EOF - GMER 2.1 ----
         

Alt 20.09.2013, 17:02   #2
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Hallo,

Zitat:
Ich surfe mit Chrome.
Und wie ist es denn im Internet Explorer? Siehst du dort auch diese Werbung und hörst den Sound oder nicht?
__________________

__________________

Alt 20.09.2013, 17:27   #3
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



so Buttons wie "schützen sie ihren PC..." tauchen im IE auch auf. Den Videoton konnte ich dort noch nicht hören.
__________________

Alt 20.09.2013, 17:31   #4
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



ok.


Schritt 1
  • Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der Reihe nach folgende Einträge:
    • Lyrics Finder
    • Update for Zip Opener
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Schritt 3

Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von AdwCleaner
  • Log von FRST
__________________
cheers,
Leo

Alt 20.09.2013, 17:47   #5
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Code:
ATTFilter
# AdwCleaner v3.004 - Bericht erstellt am 20/09/2013 um 18:39:25
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Janine - FUJI
# Gestartet von : C:\Users\Janine\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v

[ Datei : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1145 octets] - [20/09/2013 18:38:11]
AdwCleaner[S0].txt - [1067 octets] - [20/09/2013 18:39:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1127 octets] ##########
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01
Ran by Janine (administrator) on FUJI on 20-09-2013 18:42:52
Running from C:\Users\Janine\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-25] (Google Inc.)
MountPoints2: E - E:\FRT_Install.exe
MountPoints2: {170b0609-0c79-11e1-83ba-e839df082830} - E:\FRT_Install.exe
MountPoints2: {170b061d-0c79-11e1-83ba-e839df082830} - E:\FRT_Install.exe
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [80480 2013-06-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD9EC287D89D3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {037625DB-2B90-4770-9E24-FB120449EF98} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Janine\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Janine\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Norton Identity Protection) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx

==================== Services (Whitelisted) =================

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-04] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-04] (Symantec Corporation)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130919.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130919.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130920.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-03-19] (Sony Ericsson Mobile Communications)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-20 18:37 - 2013-09-20 18:37 - 01039554 _____ C:\Users\Janine\Downloads\adwcleaner.exe
2013-09-20 17:35 - 2013-09-20 17:35 - 00005207 _____ C:\Users\Janine\Desktop\gmer.log
2013-09-20 17:20 - 2013-09-20 17:20 - 00377856 _____ C:\Users\Janine\Downloads\gmer_2.1.19163.exe
2013-09-20 17:20 - 2013-09-20 17:20 - 00033373 _____ C:\Users\Janine\Desktop\FRST.txt
2013-09-20 17:20 - 2013-09-20 17:20 - 00025351 _____ C:\Users\Janine\Desktop\Addition.txt
2013-09-20 17:18 - 2013-09-20 17:19 - 00025351 _____ C:\Users\Janine\Downloads\Addition.txt
2013-09-20 17:17 - 2013-09-20 17:17 - 01950622 _____ (Farbar) C:\Users\Janine\Downloads\FRST64.exe
2013-09-20 17:17 - 2013-09-20 17:17 - 00000000 ____D C:\FRST
2013-09-20 17:16 - 2013-09-20 17:16 - 01083549 _____ (Farbar) C:\Users\Janine\Downloads\FRST.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00050477 _____ C:\Users\Janine\Downloads\Defogger.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00000474 _____ C:\Users\Janine\Downloads\defogger_disable.log
2013-09-20 17:15 - 2013-09-20 17:15 - 00000000 _____ C:\Users\Janine\defogger_reenable
2013-09-12 07:08 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 07:08 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 07:08 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 07:08 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 07:08 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 07:08 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 07:08 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 07:08 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 07:08 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 07:08 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 07:08 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 07:08 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 19:20 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 19:20 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 19:20 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 19:20 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 19:20 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 19:20 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 19:20 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 19:20 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 19:20 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 19:20 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 19:20 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 19:20 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 19:20 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:20 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 19:20 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 19:20 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 19:20 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-03 18:45 - 2013-09-03 18:45 - 00000000 ____D C:\Program Files (x86)\USB Audio
2013-08-30 06:44 - 2013-09-20 18:39 - 00000000 ____D C:\AdwCleaner
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Malwarebytes
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 19:17 - 2013-08-29 19:17 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Janine\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 18:59 - 2013-08-29 18:59 - 00688992 ____R (Swearware) C:\Users\Janine\Downloads\dds.exe

==================== One Month Modified Files and Folders =======

2013-09-20 18:43 - 2012-03-30 06:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-20 18:42 - 2012-08-17 09:21 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-20 18:41 - 2011-03-01 21:50 - 00085710 _____ C:\Windows\PFRO.log
2013-09-20 18:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-20 18:41 - 2009-07-14 06:51 - 00175153 _____ C:\Windows\setupact.log
2013-09-20 18:40 - 2011-02-23 20:08 - 01098817 _____ C:\Windows\WindowsUpdate.log
2013-09-20 18:39 - 2013-08-30 06:44 - 00000000 ____D C:\AdwCleaner
2013-09-20 18:37 - 2013-09-20 18:37 - 01039554 _____ C:\Users\Janine\Downloads\adwcleaner.exe
2013-09-20 17:50 - 2011-06-25 09:39 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA.job
2013-09-20 17:35 - 2013-09-20 17:35 - 00005207 _____ C:\Users\Janine\Desktop\gmer.log
2013-09-20 17:20 - 2013-09-20 17:20 - 00377856 _____ C:\Users\Janine\Downloads\gmer_2.1.19163.exe
2013-09-20 17:20 - 2013-09-20 17:20 - 00033373 _____ C:\Users\Janine\Desktop\FRST.txt
2013-09-20 17:20 - 2013-09-20 17:20 - 00025351 _____ C:\Users\Janine\Desktop\Addition.txt
2013-09-20 17:19 - 2013-09-20 17:18 - 00025351 _____ C:\Users\Janine\Downloads\Addition.txt
2013-09-20 17:17 - 2013-09-20 17:17 - 01950622 _____ (Farbar) C:\Users\Janine\Downloads\FRST64.exe
2013-09-20 17:17 - 2013-09-20 17:17 - 00000000 ____D C:\FRST
2013-09-20 17:16 - 2013-09-20 17:16 - 01083549 _____ (Farbar) C:\Users\Janine\Downloads\FRST.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00050477 _____ C:\Users\Janine\Downloads\Defogger.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00000474 _____ C:\Users\Janine\Downloads\defogger_disable.log
2013-09-20 17:15 - 2013-09-20 17:15 - 00000000 _____ C:\Users\Janine\defogger_reenable
2013-09-20 17:15 - 2011-02-23 20:11 - 00000000 ____D C:\Users\Janine
2013-09-20 15:37 - 2011-03-19 18:26 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2013-09-20 15:37 - 2011-03-19 18:23 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson
2013-09-20 15:37 - 2011-02-23 20:12 - 00000000 ___RD C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-20 11:04 - 2012-03-30 06:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 11:03 - 2012-03-30 06:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 11:03 - 2011-06-03 23:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 11:02 - 2011-06-25 09:39 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core.job
2013-09-19 11:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-18 22:46 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-18 22:46 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-18 21:13 - 2012-10-12 17:29 - 00000000 ____D C:\Users\Janine\FM_Transmitter_02
2013-09-12 18:43 - 2011-02-23 20:12 - 00000000 ___RD C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 18:42 - 2009-07-14 06:45 - 00294344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 07:07 - 2013-07-27 03:10 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 06:58 - 2011-02-23 21:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-08 09:39 - 2011-09-01 19:21 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Winamp
2013-09-03 18:45 - 2013-09-03 18:45 - 00000000 ____D C:\Program Files (x86)\USB Audio
2013-09-03 17:56 - 2012-01-31 14:14 - 00000000 ____D C:\Users\Janine\Documents\Konto Janine
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Malwarebytes
2013-08-29 19:18 - 2013-08-29 19:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 19:17 - 2013-08-29 19:17 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Janine\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-29 18:59 - 2013-08-29 18:59 - 00688992 ____R (Swearware) C:\Users\Janine\Downloads\dds.exe
2013-08-23 07:04 - 2013-07-10 07:07 - 00000000 ____D C:\Users\Janine\AppData\Local\NPE
2013-08-21 19:33 - 2009-07-14 19:58 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-08-21 19:33 - 2009-07-14 19:58 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-08-21 19:33 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\Janine\AppData\Local\Temp\AskSLib.dll
C:\Users\Janine\AppData\Local\Temp\install_flashplayer11x32axau_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Janine\AppData\Local\Temp\install_flashplayer11x32ax_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Janine\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-19 11:35

==================== End Of Log ============================
         
--- --- ---


Alt 20.09.2013, 17:52   #6
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Ist die Situation unverändert?
__________________
--> Windows 7: Viel Werbung und Videos im Hintergrund

Alt 20.09.2013, 18:00   #7
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Jetzt taucht nur noch normale AdChoices Werbung auf wie Otto etc.

Danke für die super schnelle Hilfe

Alt 21.09.2013, 16:21   #8
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Ok, noch eine Kontrolle:



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
cheers,
Leo

Alt 21.09.2013, 23:04   #9
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e51cb0e04527314f9a1b503589e04f89
# engine=15210
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-21 05:45:13
# local_time=2013-09-21 07:45:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=3591 16777213 100 91 253912 142410897 0 0
# compatibility_mode=5893 16776574 100 94 6144288 131415363 0 0
# compatibility_mode=7937 16777214 0 25 6144129 6144129 0 0
# scanned=189918
# found=0
# cleaned=0
# scan_time=7923
         
Der Videoton ist heute nochmal aufgetaucht. Im Hintergrund beim Facebookspiel Farmville.

Alt 22.09.2013, 21:55   #10
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Ok.


Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
cheers,
Leo

Alt 28.09.2013, 08:19   #11
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Code:
ATTFilter
09:15:43.0131 57800  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:15:43.0887 57800  ============================================================
09:15:43.0887 57800  Current date / time: 2013/09/28 09:15:43.0887
09:15:43.0887 57800  SystemInfo:
09:15:43.0888 57800  
09:15:43.0888 57800  OS Version: 6.1.7601 ServicePack: 1.0
09:15:43.0888 57800  Product type: Workstation
09:15:43.0888 57800  ComputerName: FUJI
09:15:43.0888 57800  UserName: Janine
09:15:43.0888 57800  Windows directory: C:\Windows
09:15:43.0888 57800  System windows directory: C:\Windows
09:15:43.0888 57800  Running under WOW64
09:15:43.0888 57800  Processor architecture: Intel x64
09:15:43.0888 57800  Number of processors: 2
09:15:43.0888 57800  Page size: 0x1000
09:15:43.0888 57800  Boot type: Normal boot
09:15:43.0888 57800  ============================================================
09:15:48.0318 57800  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:15:48.0365 57800  ============================================================
09:15:48.0365 57800  \Device\Harddisk0\DR0:
09:15:48.0367 57800  MBR partitions:
09:15:48.0367 57800  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:15:48.0367 57800  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
09:15:48.0367 57800  ============================================================
09:15:48.0547 57800  C: <-> \Device\Harddisk0\DR0\Partition2
09:15:48.0736 57800  ============================================================
09:15:48.0736 57800  Initialize success
09:15:48.0736 57800  ============================================================
09:16:05.0183 46716  ============================================================
09:16:05.0183 46716  Scan started
09:16:05.0183 46716  Mode: Manual; SigCheck; TDLFS; 
09:16:05.0183 46716  ============================================================
09:16:08.0394 46716  ================ Scan system memory ========================
09:16:08.0394 46716  System memory - ok
09:16:08.0395 46716  ================ Scan services =============================
09:16:08.0566 46716  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:16:08.0995 46716  1394ohci - ok
09:16:09.0029 46716  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:16:09.0078 46716  ACPI - ok
09:16:09.0111 46716  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:16:09.0275 46716  AcpiPmi - ok
09:16:09.0382 46716  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:16:09.0412 46716  AdobeARMservice - ok
09:16:09.0559 46716  [ 24A0876D07EF356DCBC1D7A7929354AB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:16:09.0592 46716  AdobeFlashPlayerUpdateSvc - ok
09:16:09.0642 46716  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
09:16:09.0692 46716  adp94xx - ok
09:16:09.0726 46716  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
09:16:09.0768 46716  adpahci - ok
09:16:09.0818 46716  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
09:16:09.0853 46716  adpu320 - ok
09:16:09.0885 46716  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:16:10.0104 46716  AeLookupSvc - ok
09:16:10.0146 46716  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
09:16:10.0268 46716  AFD - ok
09:16:10.0297 46716  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
09:16:10.0327 46716  agp440 - ok
09:16:10.0360 46716  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
09:16:10.0433 46716  ALG - ok
09:16:10.0458 46716  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:16:10.0486 46716  aliide - ok
09:16:10.0513 46716  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
09:16:10.0541 46716  amdide - ok
09:16:10.0582 46716  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
09:16:10.0660 46716  AmdK8 - ok
09:16:10.0678 46716  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
09:16:10.0725 46716  AmdPPM - ok
09:16:10.0770 46716  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:16:10.0803 46716  amdsata - ok
09:16:10.0847 46716  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
09:16:10.0883 46716  amdsbs - ok
09:16:10.0902 46716  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:16:10.0932 46716  amdxata - ok
09:16:10.0982 46716  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
09:16:11.0165 46716  AppID - ok
09:16:11.0191 46716  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:16:11.0331 46716  AppIDSvc - ok
09:16:11.0393 46716  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
09:16:11.0456 46716  Appinfo - ok
09:16:11.0488 46716  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
09:16:11.0519 46716  arc - ok
09:16:11.0542 46716  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
09:16:11.0575 46716  arcsas - ok
09:16:11.0608 46716  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:16:11.0737 46716  AsyncMac - ok
09:16:11.0765 46716  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
09:16:11.0793 46716  atapi - ok
09:16:11.0863 46716  [ 8C56E93749BA53A4B645963D3439E01E ] athr            C:\Windows\system32\DRIVERS\athrx.sys
09:16:11.0957 46716  athr - ok
09:16:12.0016 46716  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:16:12.0161 46716  AudioEndpointBuilder - ok
09:16:12.0178 46716  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:16:12.0287 46716  AudioSrv - ok
09:16:12.0337 46716  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:16:12.0474 46716  AxInstSV - ok
09:16:12.0525 46716  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
09:16:12.0609 46716  b06bdrv - ok
09:16:12.0659 46716  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:16:12.0716 46716  b57nd60a - ok
09:16:12.0760 46716  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:16:12.0911 46716  BDESVC - ok
09:16:12.0934 46716  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:16:13.0058 46716  Beep - ok
09:16:13.0130 46716  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
09:16:13.0243 46716  BFE - ok
09:16:13.0735 46716  [ 4AD1940DAAAC84036B65EF78BAE42208 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130924.001\BHDrvx64.sys
09:16:13.0878 46716  BHDrvx64 - ok
09:16:13.0912 46716  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
09:16:14.0110 46716  BITS - ok
09:16:14.0126 46716  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:16:14.0168 46716  blbdrive - ok
09:16:14.0258 46716  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:16:14.0332 46716  bowser - ok
09:16:14.0392 46716  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:16:14.0505 46716  BrFiltLo - ok
09:16:14.0520 46716  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:16:14.0557 46716  BrFiltUp - ok
09:16:14.0592 46716  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
09:16:14.0669 46716  Browser - ok
09:16:14.0698 46716  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:16:14.0783 46716  Brserid - ok
09:16:14.0800 46716  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:16:14.0857 46716  BrSerWdm - ok
09:16:14.0882 46716  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:16:14.0943 46716  BrUsbMdm - ok
09:16:14.0970 46716  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:16:15.0015 46716  BrUsbSer - ok
09:16:15.0043 46716  [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp        C:\Windows\system32\DRIVERS\BthAvrcp.sys
09:16:15.0086 46716  BthAvrcp - ok
09:16:15.0130 46716  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
09:16:15.0350 46716  BthEnum - ok
09:16:15.0380 46716  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
09:16:15.0429 46716  BTHMODEM - ok
09:16:15.0474 46716  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:16:15.0538 46716  BthPan - ok
09:16:15.0604 46716  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
09:16:15.0681 46716  BTHPORT - ok
09:16:15.0713 46716  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
09:16:15.0827 46716  bthserv - ok
09:16:15.0879 46716  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
09:16:16.0255 46716  BTHUSB - ok
09:16:16.0354 46716  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
09:16:16.0384 46716  ccSet_NIS - ok
09:16:16.0399 46716  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:16:16.0537 46716  cdfs - ok
09:16:16.0606 46716  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:16:16.0657 46716  cdrom - ok
09:16:16.0716 46716  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
09:16:16.0828 46716  CertPropSvc - ok
09:16:16.0891 46716  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
09:16:16.0967 46716  circlass - ok
09:16:17.0025 46716  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
09:16:17.0080 46716  CLFS - ok
09:16:17.0260 46716  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:16:17.0287 46716  clr_optimization_v2.0.50727_32 - ok
09:16:17.0343 46716  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:16:17.0370 46716  clr_optimization_v2.0.50727_64 - ok
09:16:17.0431 46716  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:16:17.0478 46716  clr_optimization_v4.0.30319_32 - ok
09:16:17.0514 46716  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:16:17.0542 46716  clr_optimization_v4.0.30319_64 - ok
09:16:17.0571 46716  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:16:17.0615 46716  CmBatt - ok
09:16:17.0637 46716  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:16:17.0666 46716  cmdide - ok
09:16:17.0713 46716  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
09:16:17.0782 46716  CNG - ok
09:16:17.0809 46716  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:16:17.0838 46716  Compbatt - ok
09:16:17.0879 46716  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
09:16:17.0932 46716  CompositeBus - ok
09:16:17.0958 46716  COMSysApp - ok
09:16:17.0997 46716  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
09:16:18.0026 46716  crcdisk - ok
09:16:18.0074 46716  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:16:18.0153 46716  CryptSvc - ok
09:16:18.0194 46716  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:16:18.0320 46716  DcomLaunch - ok
09:16:18.0364 46716  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
09:16:18.0484 46716  defragsvc - ok
09:16:18.0530 46716  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:16:18.0639 46716  DfsC - ok
09:16:18.0698 46716  [ 41AC348DBD378F618CB4FDEE54270692 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
09:16:18.0745 46716  dg_ssudbus - ok
09:16:18.0790 46716  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:16:18.0861 46716  Dhcp - ok
09:16:18.0890 46716  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
09:16:19.0016 46716  discache - ok
09:16:19.0058 46716  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
09:16:19.0089 46716  Disk - ok
09:16:19.0115 46716  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:16:19.0185 46716  Dnscache - ok
09:16:19.0227 46716  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:16:19.0337 46716  dot3svc - ok
09:16:19.0362 46716  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
09:16:19.0476 46716  DPS - ok
09:16:19.0522 46716  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:16:19.0567 46716  drmkaud - ok
09:16:19.0621 46716  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:16:19.0692 46716  DXGKrnl - ok
09:16:19.0717 46716  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
09:16:19.0827 46716  EapHost - ok
09:16:19.0943 46716  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
09:16:20.0140 46716  ebdrv - ok
09:16:20.0190 46716  [ A2DA3D8E0B336E13F7A155B5789B58CF ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
09:16:20.0233 46716  eeCtrl - ok
09:16:20.0276 46716  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
09:16:20.0330 46716  EFS - ok
09:16:20.0414 46716  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:16:20.0519 46716  ehRecvr - ok
09:16:20.0541 46716  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
09:16:20.0585 46716  ehSched - ok
09:16:20.0623 46716  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
09:16:20.0674 46716  elxstor - ok
09:16:20.0709 46716  [ 23C3061D2F7F8BCB6140A098447035B4 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
09:16:20.0737 46716  EraserUtilRebootDrv - ok
09:16:20.0762 46716  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:16:20.0806 46716  ErrDev - ok
09:16:20.0848 46716  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
09:16:20.0963 46716  EventSystem - ok
09:16:20.0991 46716  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
09:16:21.0109 46716  exfat - ok
09:16:21.0138 46716  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:16:21.0249 46716  fastfat - ok
09:16:21.0310 46716  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
09:16:21.0405 46716  Fax - ok
09:16:21.0440 46716  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
09:16:21.0485 46716  fdc - ok
09:16:21.0517 46716  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
09:16:21.0635 46716  fdPHost - ok
09:16:21.0655 46716  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:16:21.0760 46716  FDResPub - ok
09:16:21.0796 46716  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:16:21.0834 46716  FileInfo - ok
09:16:21.0857 46716  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:16:21.0982 46716  Filetrace - ok
09:16:22.0011 46716  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:16:22.0055 46716  flpydisk - ok
09:16:22.0104 46716  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:16:22.0143 46716  FltMgr - ok
09:16:22.0217 46716  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
09:16:22.0330 46716  FontCache - ok
09:16:22.0376 46716  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:16:22.0400 46716  FontCache3.0.0.0 - ok
09:16:22.0425 46716  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:16:22.0455 46716  FsDepends - ok
09:16:22.0494 46716  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:16:22.0522 46716  Fs_Rec - ok
09:16:22.0579 46716  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:16:22.0622 46716  fvevol - ok
09:16:22.0644 46716  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
09:16:22.0678 46716  gagp30kx - ok
09:16:22.0728 46716  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
09:16:22.0855 46716  gpsvc - ok
09:16:22.0876 46716  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:16:22.0941 46716  hcw85cir - ok
09:16:22.0991 46716  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:16:23.0062 46716  HdAudAddService - ok
09:16:23.0103 46716  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:16:23.0163 46716  HDAudBus - ok
09:16:23.0196 46716  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
09:16:23.0247 46716  HidBatt - ok
09:16:23.0274 46716  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
09:16:23.0324 46716  HidBth - ok
09:16:23.0353 46716  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
09:16:23.0405 46716  HidIr - ok
09:16:23.0434 46716  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
09:16:23.0540 46716  hidserv - ok
09:16:23.0593 46716  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:16:23.0623 46716  HidUsb - ok
09:16:23.0659 46716  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:16:23.0769 46716  hkmsvc - ok
09:16:23.0810 46716  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:16:23.0872 46716  HomeGroupListener - ok
09:16:23.0908 46716  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:16:23.0953 46716  HomeGroupProvider - ok
09:16:23.0998 46716  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:16:24.0029 46716  HpSAMD - ok
09:16:24.0080 46716  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:16:24.0210 46716  HTTP - ok
09:16:24.0238 46716  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:16:24.0268 46716  hwpolicy - ok
09:16:24.0297 46716  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:16:24.0332 46716  i8042prt - ok
09:16:24.0384 46716  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:16:24.0432 46716  iaStorV - ok
09:16:24.0504 46716  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:16:24.0563 46716  idsvc - ok
09:16:24.0676 46716  [ A1258065E8B16E23E2AFDE72FB5559BC ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130926.001\IDSvia64.sys
09:16:24.0721 46716  IDSVia64 - ok
09:16:25.0008 46716  [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:16:25.0491 46716  igfx - ok
09:16:25.0538 46716  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
09:16:25.0567 46716  iirsp - ok
09:16:25.0622 46716  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:16:25.0753 46716  IKEEXT - ok
09:16:25.0786 46716  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
09:16:25.0815 46716  intelide - ok
09:16:25.0871 46716  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:16:25.0925 46716  intelppm - ok
09:16:25.0951 46716  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:16:26.0072 46716  IPBusEnum - ok
09:16:26.0129 46716  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:16:26.0248 46716  IpFilterDriver - ok
09:16:26.0303 46716  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:16:26.0384 46716  iphlpsvc - ok
09:16:26.0410 46716  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:16:26.0443 46716  IPMIDRV - ok
09:16:26.0471 46716  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:16:26.0579 46716  IPNAT - ok
09:16:26.0610 46716  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:16:26.0707 46716  IRENUM - ok
09:16:26.0725 46716  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:16:26.0753 46716  isapnp - ok
09:16:26.0788 46716  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:16:26.0830 46716  iScsiPrt - ok
09:16:26.0853 46716  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
09:16:26.0886 46716  kbdclass - ok
09:16:26.0908 46716  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
09:16:26.0953 46716  kbdhid - ok
09:16:26.0977 46716  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
09:16:27.0006 46716  KeyIso - ok
09:16:27.0050 46716  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:16:27.0082 46716  KSecDD - ok
09:16:27.0094 46716  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:16:27.0128 46716  KSecPkg - ok
09:16:27.0157 46716  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:16:27.0263 46716  ksthunk - ok
09:16:27.0304 46716  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:16:27.0427 46716  KtmRm - ok
09:16:27.0484 46716  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:16:27.0597 46716  LanmanServer - ok
09:16:27.0625 46716  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:16:27.0733 46716  LanmanWorkstation - ok
09:16:27.0796 46716  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:16:27.0895 46716  lltdio - ok
09:16:27.0931 46716  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:16:28.0034 46716  lltdsvc - ok
09:16:28.0062 46716  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:16:28.0157 46716  lmhosts - ok
09:16:28.0216 46716  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
09:16:28.0260 46716  LSI_FC - ok
09:16:28.0318 46716  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
09:16:28.0360 46716  LSI_SAS - ok
09:16:28.0383 46716  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:16:28.0413 46716  LSI_SAS2 - ok
09:16:28.0434 46716  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:16:28.0467 46716  LSI_SCSI - ok
09:16:28.0498 46716  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
09:16:28.0594 46716  luafv - ok
09:16:28.0633 46716  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:16:28.0684 46716  Mcx2Svc - ok
09:16:28.0712 46716  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
09:16:28.0741 46716  megasas - ok
09:16:28.0767 46716  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
09:16:28.0808 46716  MegaSR - ok
09:16:28.0831 46716  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
09:16:28.0937 46716  MMCSS - ok
09:16:28.0952 46716  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
09:16:29.0062 46716  Modem - ok
09:16:29.0087 46716  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:16:29.0134 46716  monitor - ok
09:16:29.0159 46716  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:16:29.0191 46716  mouclass - ok
09:16:29.0232 46716  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:16:29.0277 46716  mouhid - ok
09:16:29.0318 46716  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:16:29.0349 46716  mountmgr - ok
09:16:29.0379 46716  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:16:29.0413 46716  mpio - ok
09:16:29.0429 46716  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:16:29.0535 46716  mpsdrv - ok
09:16:29.0580 46716  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:16:29.0720 46716  MpsSvc - ok
09:16:29.0756 46716  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:16:29.0814 46716  MRxDAV - ok
09:16:29.0847 46716  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:16:29.0915 46716  mrxsmb - ok
09:16:29.0946 46716  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:16:29.0999 46716  mrxsmb10 - ok
09:16:30.0028 46716  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:16:30.0085 46716  mrxsmb20 - ok
09:16:30.0144 46716  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:16:30.0172 46716  msahci - ok
09:16:30.0288 46716  [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
09:16:30.0318 46716  MSCamSvc - ok
09:16:30.0349 46716  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:16:30.0382 46716  msdsm - ok
09:16:30.0396 46716  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
09:16:30.0452 46716  MSDTC - ok
09:16:30.0500 46716  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:16:30.0597 46716  Msfs - ok
09:16:30.0618 46716  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:16:30.0736 46716  mshidkmdf - ok
09:16:30.0778 46716  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:16:30.0809 46716  msisadrv - ok
09:16:30.0870 46716  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:16:31.0098 46716  MSiSCSI - ok
09:16:31.0108 46716  msiserver - ok
09:16:31.0158 46716  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:16:31.0409 46716  MSKSSRV - ok
09:16:31.0437 46716  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:16:31.0589 46716  MSPCLOCK - ok
09:16:31.0621 46716  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:16:31.0714 46716  MSPQM - ok
09:16:31.0813 46716  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:16:31.0849 46716  MsRPC - ok
09:16:31.0885 46716  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:16:31.0908 46716  mssmbios - ok
09:16:31.0948 46716  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:16:32.0037 46716  MSTEE - ok
09:16:32.0058 46716  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
09:16:32.0107 46716  MTConfig - ok
09:16:32.0143 46716  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:16:32.0167 46716  Mup - ok
09:16:32.0209 46716  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
09:16:32.0334 46716  napagent - ok
09:16:32.0393 46716  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:16:32.0457 46716  NativeWifiP - ok
09:16:32.0559 46716  [ 702E07EC32F96ACDB873E9A5465D4401 ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130927.002\ENG64.SYS
09:16:32.0587 46716  NAVENG - ok
09:16:32.0655 46716  [ 302EA314A1AF0D7CEF0A3D0195F79561 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130927.002\EX64.SYS
09:16:32.0771 46716  NAVEX15 - ok
09:16:32.0827 46716  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:16:32.0896 46716  NDIS - ok
09:16:32.0927 46716  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:16:33.0037 46716  NdisCap - ok
09:16:33.0063 46716  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:16:33.0169 46716  NdisTapi - ok
09:16:33.0204 46716  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:16:33.0309 46716  Ndisuio - ok
09:16:33.0343 46716  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:16:33.0452 46716  NdisWan - ok
09:16:33.0512 46716  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:16:33.0629 46716  NDProxy - ok
09:16:33.0804 46716  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
09:16:33.0867 46716  Nero BackItUp Scheduler 4.0 - ok
09:16:33.0909 46716  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:16:34.0027 46716  NetBIOS - ok
09:16:34.0071 46716  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:16:34.0205 46716  NetBT - ok
09:16:34.0221 46716  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
09:16:34.0253 46716  Netlogon - ok
09:16:34.0294 46716  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
09:16:34.0422 46716  Netman - ok
09:16:34.0453 46716  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
09:16:34.0580 46716  netprofm - ok
09:16:34.0620 46716  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:16:34.0648 46716  NetTcpPortSharing - ok
09:16:34.0675 46716  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
09:16:34.0706 46716  nfrd960 - ok
09:16:34.0779 46716  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
09:16:34.0810 46716  NIS - ok
09:16:34.0883 46716  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:16:34.0937 46716  NlaSvc - ok
09:16:34.0960 46716  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:16:35.0065 46716  Npfs - ok
09:16:35.0097 46716  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
09:16:35.0210 46716  nsi - ok
09:16:35.0245 46716  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:16:35.0352 46716  nsiproxy - ok
09:16:35.0427 46716  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:16:35.0532 46716  Ntfs - ok
09:16:35.0557 46716  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
09:16:35.0662 46716  Null - ok
09:16:35.0698 46716  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:16:35.0732 46716  nvraid - ok
09:16:35.0751 46716  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:16:35.0787 46716  nvstor - ok
09:16:35.0815 46716  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:16:35.0848 46716  nv_agp - ok
09:16:35.0874 46716  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:16:35.0906 46716  ohci1394 - ok
09:16:35.0941 46716  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:16:36.0020 46716  p2pimsvc - ok
09:16:36.0043 46716  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:16:36.0085 46716  p2psvc - ok
09:16:36.0109 46716  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
09:16:36.0143 46716  Parport - ok
09:16:36.0177 46716  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:16:36.0208 46716  partmgr - ok
09:16:36.0236 46716  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:16:36.0303 46716  PcaSvc - ok
09:16:36.0343 46716  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
09:16:36.0378 46716  pci - ok
09:16:36.0409 46716  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
09:16:36.0438 46716  pciide - ok
09:16:36.0466 46716  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
09:16:36.0503 46716  pcmcia - ok
09:16:36.0519 46716  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:16:36.0550 46716  pcw - ok
09:16:36.0576 46716  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:16:36.0707 46716  PEAUTH - ok
09:16:36.0799 46716  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:16:36.0849 46716  PerfHost - ok
09:16:36.0923 46716  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
09:16:37.0072 46716  pla - ok
09:16:37.0117 46716  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:16:37.0193 46716  PlugPlay - ok
09:16:37.0228 46716  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:16:37.0276 46716  PNRPAutoReg - ok
09:16:37.0308 46716  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:16:37.0346 46716  PNRPsvc - ok
09:16:37.0393 46716  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:16:37.0513 46716  PolicyAgent - ok
09:16:37.0553 46716  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
09:16:37.0665 46716  Power - ok
09:16:37.0694 46716  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:16:37.0801 46716  PptpMiniport - ok
09:16:37.0830 46716  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
09:16:37.0873 46716  Processor - ok
09:16:37.0966 46716  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:16:38.0085 46716  ProfSvc - ok
09:16:38.0099 46716  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:16:38.0130 46716  ProtectedStorage - ok
09:16:38.0173 46716  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:16:38.0279 46716  Psched - ok
09:16:38.0317 46716  [ A73512132ECB2CD721E163ABCEAC359F ] qicflt          C:\Windows\system32\DRIVERS\qicflt.sys
09:16:38.0342 46716  qicflt - ok
09:16:38.0393 46716  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
09:16:38.0490 46716  ql2300 - ok
09:16:38.0523 46716  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
09:16:38.0558 46716  ql40xx - ok
09:16:38.0590 46716  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
09:16:38.0653 46716  QWAVE - ok
09:16:38.0678 46716  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:16:38.0739 46716  QWAVEdrv - ok
09:16:38.0753 46716  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:16:38.0868 46716  RasAcd - ok
09:16:38.0914 46716  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:16:39.0036 46716  RasAgileVpn - ok
09:16:39.0072 46716  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
09:16:39.0192 46716  RasAuto - ok
09:16:39.0228 46716  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:16:39.0349 46716  Rasl2tp - ok
09:16:39.0397 46716  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
09:16:39.0531 46716  RasMan - ok
09:16:39.0598 46716  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:16:39.0745 46716  RasPppoe - ok
09:16:39.0853 46716  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:16:39.0996 46716  RasSstp - ok
09:16:40.0096 46716  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:16:40.0233 46716  rdbss - ok
09:16:40.0287 46716  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:16:40.0370 46716  rdpbus - ok
09:16:40.0431 46716  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:16:40.0585 46716  RDPCDD - ok
09:16:40.0833 46716  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:16:41.0039 46716  RDPENCDD - ok
09:16:41.0128 46716  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:16:41.0232 46716  RDPREFMP - ok
09:16:41.0290 46716  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:16:41.0367 46716  RDPWD - ok
09:16:41.0421 46716  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:16:41.0453 46716  rdyboost - ok
09:16:41.0478 46716  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:16:41.0583 46716  RemoteAccess - ok
09:16:41.0620 46716  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:16:41.0773 46716  RemoteRegistry - ok
09:16:41.0834 46716  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:16:42.0369 46716  RFCOMM - ok
09:16:42.0399 46716  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:16:42.0585 46716  RpcEptMapper - ok
09:16:42.0626 46716  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
09:16:42.0695 46716  RpcLocator - ok
09:16:42.0739 46716  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
09:16:42.0838 46716  RpcSs - ok
09:16:42.0881 46716  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:16:42.0967 46716  rspndr - ok
09:16:43.0012 46716  [ 4B42BC58294E83A6A92EC8B88C14C4A3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:16:43.0047 46716  RTL8167 - ok
09:16:43.0095 46716  [ 032F537623A7B2FB81AAA184C30B70C3 ] s0017bus        C:\Windows\system32\DRIVERS\s0017bus.sys
09:16:43.0115 46716  s0017bus - ok
09:16:43.0131 46716  [ 9964A28E569B4FF105B446EF8978FD5C ] s0017mdfl       C:\Windows\system32\DRIVERS\s0017mdfl.sys
09:16:43.0152 46716  s0017mdfl - ok
09:16:43.0179 46716  [ 06347087D274C23DCFA8C4AB5C4314DB ] s0017mdm        C:\Windows\system32\DRIVERS\s0017mdm.sys
09:16:43.0199 46716  s0017mdm - ok
09:16:43.0215 46716  [ F0F0747B3FA50272DE6B1BF575FA4700 ] s0017mgmt       C:\Windows\system32\DRIVERS\s0017mgmt.sys
09:16:43.0234 46716  s0017mgmt - ok
09:16:43.0254 46716  [ 7224412CEA2FF2DF7D4842C1B0E71045 ] s0017nd5        C:\Windows\system32\DRIVERS\s0017nd5.sys
09:16:43.0272 46716  s0017nd5 - ok
09:16:43.0294 46716  [ 3FEADBC7F09B8B596CBFB82F12ABA87F ] s0017obex       C:\Windows\system32\DRIVERS\s0017obex.sys
09:16:43.0315 46716  s0017obex - ok
09:16:43.0367 46716  [ 2B63BEA31D939888B2A8F3F14D89B5C1 ] s0017unic       C:\Windows\system32\DRIVERS\s0017unic.sys
09:16:43.0395 46716  s0017unic - ok
09:16:43.0429 46716  [ 301FBA4594FB5C0A469299A65106B4AA ] s1018bus        C:\Windows\system32\DRIVERS\s1018bus.sys
09:16:43.0449 46716  s1018bus - ok
09:16:43.0478 46716  [ D1D7C744F79710357E60FC04D125ED01 ] s1018mdfl       C:\Windows\system32\DRIVERS\s1018mdfl.sys
09:16:43.0495 46716  s1018mdfl - ok
09:16:43.0515 46716  [ 7DBE12CCCD837D4266B2DDD80A329C09 ] s1018mdm        C:\Windows\system32\DRIVERS\s1018mdm.sys
09:16:43.0534 46716  s1018mdm - ok
09:16:43.0563 46716  [ 065FF5E62D2D18A6D93FD925546CD549 ] s1018mgmt       C:\Windows\system32\DRIVERS\s1018mgmt.sys
09:16:43.0583 46716  s1018mgmt - ok
09:16:43.0597 46716  [ 5101D815BDF0D667E3D5F0EA727CAAEE ] s1018nd5        C:\Windows\system32\DRIVERS\s1018nd5.sys
09:16:43.0621 46716  s1018nd5 - ok
09:16:43.0647 46716  [ 13F220C65B444AC9BDA49DACFC3230BB ] s1018obex       C:\Windows\system32\DRIVERS\s1018obex.sys
09:16:43.0675 46716  s1018obex - ok
09:16:43.0697 46716  [ CE7D8BCE80211D8A35F6BD7A87791860 ] s1018unic       C:\Windows\system32\DRIVERS\s1018unic.sys
09:16:43.0725 46716  s1018unic - ok
09:16:43.0764 46716  [ 0031DD0C5D4446DA0A3E02617DC6D642 ] s1039bus        C:\Windows\system32\DRIVERS\s1039bus.sys
09:16:43.0792 46716  s1039bus - ok
09:16:43.0814 46716  [ 98C7DBE2290D8CB0235E9528F6A1A53D ] s1039mdfl       C:\Windows\system32\DRIVERS\s1039mdfl.sys
09:16:43.0837 46716  s1039mdfl - ok
09:16:43.0861 46716  [ 7EF052A067D862ECD2A2335914611074 ] s1039mdm        C:\Windows\system32\DRIVERS\s1039mdm.sys
09:16:43.0890 46716  s1039mdm - ok
09:16:43.0909 46716  [ BCC3F31F1FE1E78A5BA2CD6A0E44BA64 ] s1039mgmt       C:\Windows\system32\DRIVERS\s1039mgmt.sys
09:16:43.0937 46716  s1039mgmt - ok
09:16:43.0985 46716  [ A0CF11BFFA41176CCD54E701CEB68921 ] s1039nd5        C:\Windows\system32\DRIVERS\s1039nd5.sys
09:16:44.0007 46716  s1039nd5 - ok
09:16:44.0024 46716  [ BD2DA968C5DCEF51BA8014FBAC7A0B6A ] s1039obex       C:\Windows\system32\DRIVERS\s1039obex.sys
09:16:44.0067 46716  s1039obex - ok
09:16:44.0095 46716  [ 96B4051B65C1974258A8A33A03C0B082 ] s1039unic       C:\Windows\system32\DRIVERS\s1039unic.sys
09:16:44.0125 46716  s1039unic - ok
09:16:44.0145 46716  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
09:16:44.0177 46716  SamSs - ok
09:16:44.0207 46716  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:16:44.0240 46716  sbp2port - ok
09:16:44.0271 46716  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:16:44.0382 46716  SCardSvr - ok
09:16:44.0418 46716  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:16:44.0519 46716  scfilter - ok
09:16:44.0592 46716  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
09:16:44.0836 46716  Schedule - ok
09:16:44.0874 46716  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:16:45.0014 46716  SCPolicySvc - ok
09:16:45.0028 46716  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:16:45.0116 46716  SDRSVC - ok
09:16:45.0176 46716  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:16:45.0343 46716  secdrv - ok
09:16:45.0396 46716  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
09:16:45.0499 46716  seclogon - ok
09:16:45.0552 46716  [ EDE7A1D2715AAC2190D51DC07AFD44E3 ] seehcri         C:\Windows\system32\DRIVERS\seehcri.sys
09:16:45.0592 46716  seehcri ( UnsignedFile.Multi.Generic ) - warning
09:16:45.0592 46716  seehcri - detected UnsignedFile.Multi.Generic (1)
09:16:45.0623 46716  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
09:16:45.0719 46716  SENS - ok
09:16:45.0737 46716  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:16:45.0804 46716  SensrSvc - ok
09:16:45.0818 46716  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
09:16:45.0845 46716  Serenum - ok
09:16:45.0874 46716  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
09:16:45.0908 46716  Serial - ok
09:16:45.0957 46716  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
09:16:45.0982 46716  sermouse - ok
09:16:46.0030 46716  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
09:16:46.0147 46716  SessionEnv - ok
09:16:46.0181 46716  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:16:46.0229 46716  sffdisk - ok
09:16:46.0236 46716  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:16:46.0278 46716  sffp_mmc - ok
09:16:46.0297 46716  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:16:46.0351 46716  sffp_sd - ok
09:16:46.0386 46716  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
09:16:46.0430 46716  sfloppy - ok
09:16:46.0477 46716  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:16:46.0599 46716  SharedAccess - ok
09:16:46.0638 46716  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:16:46.0755 46716  ShellHWDetection - ok
09:16:46.0793 46716  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:16:46.0831 46716  SiSRaid2 - ok
09:16:46.0863 46716  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
09:16:46.0916 46716  SiSRaid4 - ok
09:16:46.0969 46716  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:16:47.0032 46716  SkypeUpdate - ok
09:16:47.0080 46716  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:16:47.0364 46716  Smb - ok
09:16:47.0416 46716  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:16:47.0471 46716  SNMPTRAP - ok
09:16:47.0593 46716  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
09:16:47.0625 46716  Sony PC Companion ( UnsignedFile.Multi.Generic ) - warning
09:16:47.0625 46716  Sony PC Companion - detected UnsignedFile.Multi.Generic (1)
09:16:47.0665 46716  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:16:47.0701 46716  spldr - ok
09:16:47.0750 46716  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
09:16:47.0880 46716  Spooler - ok
09:16:48.0016 46716  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
09:16:48.0327 46716  sppsvc - ok
09:16:48.0354 46716  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:16:48.0667 46716  sppuinotify - ok
09:16:48.0771 46716  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS
09:16:48.0861 46716  SRTSP - ok
09:16:48.0879 46716  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
09:16:48.0899 46716  SRTSPX - ok
09:16:48.0939 46716  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:16:49.0007 46716  srv - ok
09:16:49.0040 46716  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:16:49.0085 46716  srv2 - ok
09:16:49.0110 46716  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:16:49.0160 46716  srvnet - ok
09:16:49.0201 46716  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:16:49.0295 46716  SSDPSRV - ok
09:16:49.0319 46716  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:16:49.0453 46716  SstpSvc - ok
09:16:49.0499 46716  [ B4C983DA20E2970E21893BF0E4EE2AD8 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
09:16:49.0521 46716  ssudmdm - ok
09:16:49.0558 46716  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
09:16:49.0580 46716  stexstor - ok
09:16:49.0634 46716  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
09:16:49.0694 46716  stisvc - ok
09:16:49.0721 46716  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
09:16:49.0741 46716  swenum - ok
09:16:49.0767 46716  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
09:16:50.0005 46716  swprv - ok
09:16:50.0057 46716  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
09:16:50.0083 46716  SymDS - ok
09:16:50.0189 46716  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
09:16:50.0282 46716  SymEFA - ok
09:16:50.0340 46716  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
09:16:50.0366 46716  SymEvent - ok
09:16:50.0382 46716  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
09:16:50.0426 46716  SymIRON - ok
09:16:50.0522 46716  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS
09:16:50.0572 46716  SymNetS - ok
09:16:50.0838 46716  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
09:16:51.0117 46716  SysMain - ok
09:16:51.0153 46716  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:16:51.0210 46716  TabletInputService - ok
09:16:51.0237 46716  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:16:51.0376 46716  TapiSrv - ok
09:16:51.0459 46716  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
09:16:51.0576 46716  TBS - ok
09:16:51.0687 46716  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:16:51.0806 46716  Tcpip - ok
09:16:51.0992 46716  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:16:52.0129 46716  TCPIP6 - ok
09:16:52.0198 46716  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:16:52.0245 46716  tcpipreg - ok
09:16:52.0316 46716  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:16:52.0425 46716  TDPIPE - ok
09:16:52.0465 46716  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:16:52.0508 46716  TDTCP - ok
09:16:52.0554 46716  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:16:52.0682 46716  tdx - ok
09:16:52.0712 46716  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
09:16:52.0767 46716  TermDD - ok
09:16:52.0799 46716  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
09:16:53.0196 46716  TermService - ok
09:16:53.0244 46716  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
09:16:53.0300 46716  Themes - ok
09:16:53.0331 46716  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
09:16:53.0436 46716  THREADORDER - ok
09:16:53.0466 46716  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
09:16:53.0580 46716  TrkWks - ok
09:16:53.0664 46716  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:16:53.0767 46716  TrustedInstaller - ok
09:16:53.0829 46716  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:16:53.0929 46716  tssecsrv - ok
09:16:53.0990 46716  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:16:54.0071 46716  TsUsbFlt - ok
09:16:54.0148 46716  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:16:54.0228 46716  tunnel - ok
09:16:54.0257 46716  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
09:16:54.0284 46716  uagp35 - ok
09:16:54.0326 46716  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:16:54.0405 46716  udfs - ok
09:16:54.0439 46716  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:16:54.0474 46716  UI0Detect - ok
09:16:54.0544 46716  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:16:54.0605 46716  uliagpkx - ok
09:16:54.0637 46716  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
09:16:54.0683 46716  umbus - ok
09:16:54.0711 46716  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
09:16:54.0737 46716  UmPass - ok
09:16:54.0773 46716  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
09:16:54.0977 46716  upnphost - ok
09:16:55.0039 46716  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:16:55.0073 46716  usbaudio - ok
09:16:55.0090 46716  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:16:55.0142 46716  usbccgp - ok
09:16:55.0188 46716  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:16:55.0227 46716  usbcir - ok
09:16:55.0249 46716  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:16:55.0295 46716  usbehci - ok
09:16:55.0359 46716  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:16:55.0408 46716  usbhub - ok
09:16:55.0438 46716  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:16:55.0491 46716  usbohci - ok
09:16:55.0533 46716  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:16:55.0588 46716  usbprint - ok
09:16:55.0652 46716  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:16:55.0691 46716  usbscan - ok
09:16:55.0728 46716  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:16:55.0810 46716  USBSTOR - ok
09:16:55.0824 46716  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:16:55.0869 46716  usbuhci - ok
09:16:55.0896 46716  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:16:55.0948 46716  usbvideo - ok
09:16:55.0981 46716  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
09:16:56.0095 46716  UxSms - ok
09:16:56.0123 46716  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
09:16:56.0153 46716  VaultSvc - ok
09:16:56.0186 46716  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:16:56.0215 46716  vdrvroot - ok
09:16:56.0254 46716  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
09:16:56.0381 46716  vds - ok
09:16:56.0420 46716  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:16:56.0460 46716  vga - ok
09:16:56.0490 46716  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:16:56.0629 46716  VgaSave - ok
09:16:56.0716 46716  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:16:56.0760 46716  vhdmp - ok
09:16:56.0796 46716  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:16:56.0827 46716  viaide - ok
09:16:56.0853 46716  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:16:56.0884 46716  volmgr - ok
09:16:57.0111 46716  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:16:57.0231 46716  volmgrx - ok
09:16:57.0298 46716  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:16:57.0431 46716  volsnap - ok
09:16:57.0465 46716  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
09:16:57.0499 46716  vsmraid - ok
09:16:57.0565 46716  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
09:16:57.0754 46716  VSS - ok
09:16:57.0768 46716  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:16:57.0884 46716  vwifibus - ok
09:16:57.0918 46716  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:16:58.0043 46716  vwififlt - ok
09:16:58.0118 46716  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:16:58.0208 46716  vwifimp - ok
09:16:58.0393 46716  [ C366AE91D2CC2C1C25380061D235C36B ] VX3000          C:\Windows\system32\DRIVERS\VX3000.sys
09:16:58.0514 46716  VX3000 - ok
09:16:58.0556 46716  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
09:16:58.0680 46716  W32Time - ok
09:16:58.0713 46716  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
09:16:58.0759 46716  WacomPen - ok
09:16:58.0816 46716  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:16:58.0935 46716  WANARP - ok
09:16:58.0949 46716  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:16:59.0090 46716  Wanarpv6 - ok
09:16:59.0232 46716  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:16:59.0368 46716  WatAdminSvc - ok
09:16:59.0467 46716  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
09:16:59.0579 46716  wbengine - ok
09:16:59.0609 46716  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:16:59.0653 46716  WbioSrvc - ok
09:16:59.0703 46716  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:16:59.0759 46716  wcncsvc - ok
09:16:59.0782 46716  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:16:59.0847 46716  WcsPlugInService - ok
09:16:59.0876 46716  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
09:16:59.0902 46716  Wd - ok
09:16:59.0962 46716  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:17:00.0023 46716  Wdf01000 - ok
09:17:00.0037 46716  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:17:00.0141 46716  WdiServiceHost - ok
09:17:00.0147 46716  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:17:00.0195 46716  WdiSystemHost - ok
09:17:00.0234 46716  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
09:17:00.0300 46716  WebClient - ok
09:17:00.0343 46716  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:17:00.0462 46716  Wecsvc - ok
09:17:00.0474 46716  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:17:00.0586 46716  wercplsupport - ok
09:17:00.0619 46716  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:17:00.0730 46716  WerSvc - ok
09:17:00.0775 46716  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:17:00.0869 46716  WfpLwf - ok
09:17:00.0879 46716  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:17:00.0908 46716  WIMMount - ok
09:17:00.0922 46716  WinDefend - ok
09:17:00.0935 46716  WinHttpAutoProxySvc - ok
09:17:01.0007 46716  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:17:01.0107 46716  Winmgmt - ok
09:17:01.0182 46716  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
09:17:01.0358 46716  WinRM - ok
09:17:01.0426 46716  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:17:01.0486 46716  WinUsb - ok
09:17:01.0537 46716  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:17:01.0627 46716  Wlansvc - ok
09:17:01.0776 46716  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:17:01.0906 46716  wlidsvc - ok
09:17:01.0931 46716  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:17:01.0995 46716  WmiAcpi - ok
09:17:02.0067 46716  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:17:02.0147 46716  wmiApSrv - ok
09:17:02.0221 46716  WMPNetworkSvc - ok
09:17:02.0265 46716  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:17:02.0328 46716  WPCSvc - ok
09:17:02.0361 46716  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:17:02.0423 46716  WPDBusEnum - ok
09:17:02.0449 46716  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:17:02.0559 46716  ws2ifsl - ok
09:17:02.0597 46716  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
09:17:02.0665 46716  wscsvc - ok
09:17:02.0670 46716  WSearch - ok
09:17:02.0767 46716  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:17:02.0909 46716  wuauserv - ok
09:17:02.0947 46716  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:17:03.0025 46716  WudfPf - ok
09:17:03.0101 46716  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:17:03.0531 46716  WUDFRd - ok
09:17:03.0559 46716  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:17:03.0631 46716  wudfsvc - ok
09:17:03.0688 46716  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:17:03.0844 46716  WwanSvc - ok
09:17:03.0924 46716  ================ Scan global ===============================
09:17:03.0950 46716  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:17:03.0988 46716  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
09:17:04.0002 46716  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
09:17:04.0033 46716  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:17:04.0064 46716  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:17:04.0071 46716  [Global] - ok
09:17:04.0072 46716  ================ Scan MBR ==================================
09:17:04.0088 46716  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:17:05.0028 46716  \Device\Harddisk0\DR0 - ok
09:17:05.0029 46716  ================ Scan VBR ==================================
09:17:05.0059 46716  [ 09E2D839CCBED7A756E13FAD9EA7F992 ] \Device\Harddisk0\DR0\Partition1
09:17:05.0071 46716  \Device\Harddisk0\DR0\Partition1 - ok
09:17:05.0087 46716  [ A9077E1A568CFBE44D71CA43DF0CC375 ] \Device\Harddisk0\DR0\Partition2
09:17:05.0089 46716  \Device\Harddisk0\DR0\Partition2 - ok
09:17:05.0090 46716  ============================================================
09:17:05.0090 46716  Scan finished
09:17:05.0090 46716  ============================================================
09:17:05.0107 34716  Detected object count: 2
09:17:05.0107 34716  Actual detected object count: 2
09:17:16.0248 34716  seehcri ( UnsignedFile.Multi.Generic ) - skipped by user
09:17:16.0249 34716  seehcri ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:17:16.0249 34716  Sony PC Companion ( UnsignedFile.Multi.Generic ) - skipped by user
09:17:16.0249 34716  Sony PC Companion ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Ich habe jetzt noch AdBlock bei Chrome aktiviert, bisher ist noch nichts ungewöhnliches aufgetaucht.

Alt 01.10.2013, 14:50   #12
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Läuft immer noch alles normal oder sind wieder Probleme aufgetaucht?
__________________
cheers,
Leo

Alt 05.10.2013, 08:53   #13
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Jetzt habe ich in Foren einige Wörter unterstrichen
Miniaturansicht angehängter Grafiken
Windows 7: Viel Werbung und Videos im Hintergrund-fehler.jpg  

Alt 05.10.2013, 10:18   #14
aharonov
/// TB-Ausbilder
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Dann ist da wieder Adware hinzugekommen.


Starte noch einmal FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.
__________________
cheers,
Leo

Alt 05.10.2013, 16:03   #15
321meins
 
Windows 7: Viel Werbung und Videos im Hintergrund - Standard

Windows 7: Viel Werbung und Videos im Hintergrund



Hab ich mir schon gedacht, hartnäckiges Zeugs


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Janine (administrator) on FUJI on 05-10-2013 17:00:15
Running from C:\Users\Janine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VJ11R1I
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2013\mshaktuell.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_175_ActiveX.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [VX3000] - C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-06-25] (Google Inc.)
MountPoints2: E - E:\FRT_Install.exe
MountPoints2: {170b0609-0c79-11e1-83ba-e839df082830} - E:\FRT_Install.exe
MountPoints2: {170b061d-0c79-11e1-83ba-e839df082830} - E:\FRT_Install.exe
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [80480 2013-06-26] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD9EC287D89D3CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {037625DB-2B90-4770-9E24-FB120449EF98} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {037625DB-2B90-4770-9E24-FB120449EF98} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR Plugin: (Shockwave Flash) - C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (PlayStation(R)Network Downloader Check Plug-in) - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Janine\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
CHR Extension: (Norton Identity Protection) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Plus-HD-2.3) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.25.74_0
CHR Extension: (Gmail) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx

==================== Services (Whitelisted) =================

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20131004.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20131004.001\IDSvia64.sys [520280 2013-08-20] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20131004.035\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20131004.035\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20131004.035\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20131004.035\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2011-03-19] (Sony Ericsson Mobile Communications)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-28 09:15 - 2013-09-28 09:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Janine\Downloads\tdsskiller.exe
2013-09-21 17:28 - 2013-09-21 17:28 - 02347384 _____ (ESET) C:\Users\Janine\Downloads\esetsmartinstaller_enu.exe
2013-09-20 18:45 - 2013-09-20 18:45 - 00035678 _____ C:\Users\Janine\Downloads\FRST1.txt
2013-09-20 18:43 - 2013-09-20 18:44 - 00035678 _____ C:\Users\Janine\Downloads\FRST.txt
2013-09-20 18:37 - 2013-09-20 18:37 - 01039554 _____ C:\Users\Janine\Downloads\adwcleaner.exe
2013-09-20 17:20 - 2013-09-20 17:20 - 00377856 _____ C:\Users\Janine\Downloads\gmer_2.1.19163.exe
2013-09-20 17:18 - 2013-09-20 17:19 - 00025351 _____ C:\Users\Janine\Downloads\Addition.txt
2013-09-20 17:17 - 2013-09-20 17:17 - 00000000 ____D C:\FRST
2013-09-20 17:15 - 2013-09-20 17:15 - 00050477 _____ C:\Users\Janine\Downloads\Defogger.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00000474 _____ C:\Users\Janine\Downloads\defogger_disable.log
2013-09-20 17:15 - 2013-09-20 17:15 - 00000000 _____ C:\Users\Janine\defogger_reenable
2013-09-12 07:08 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 07:08 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 07:08 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 07:08 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 07:08 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 07:08 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 07:08 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 07:08 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 07:08 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 07:08 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 07:08 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 07:08 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 07:08 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 07:08 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 19:20 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 19:20 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 19:20 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 19:20 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 19:20 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 19:20 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 19:20 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 19:20 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 19:20 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 19:20 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 19:20 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 19:20 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 19:20 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 19:20 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 19:20 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 19:20 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 19:20 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 19:20 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 19:20 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 19:20 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 19:20 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

==================== One Month Modified Files and Folders =======

2013-10-05 16:50 - 2011-06-25 09:39 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA.job
2013-10-05 16:43 - 2012-03-30 06:41 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-05 16:34 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-05 16:34 - 2009-07-14 06:45 - 00015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-05 16:30 - 2011-02-23 20:08 - 01388517 _____ C:\Windows\WindowsUpdate.log
2013-10-05 16:26 - 2012-08-17 09:21 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-10-05 16:26 - 2011-03-01 21:50 - 00086886 _____ C:\Windows\PFRO.log
2013-10-05 16:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-05 16:26 - 2009-07-14 06:51 - 00188257 _____ C:\Windows\setupact.log
2013-10-05 09:51 - 2013-06-30 17:42 - 00000000 ____D C:\Users\Janine\.gimp-2.8
2013-10-05 08:41 - 2011-06-25 09:39 - 00001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core.job
2013-09-28 09:15 - 2013-09-28 09:15 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Janine\Downloads\tdsskiller.exe
2013-09-22 11:04 - 2011-09-01 19:21 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Winamp
2013-09-21 17:28 - 2013-09-21 17:28 - 02347384 _____ (ESET) C:\Users\Janine\Downloads\esetsmartinstaller_enu.exe
2013-09-20 18:48 - 2013-08-30 06:44 - 00000000 ____D C:\AdwCleaner
2013-09-20 18:45 - 2013-09-20 18:45 - 00035678 _____ C:\Users\Janine\Downloads\FRST1.txt
2013-09-20 18:44 - 2013-09-20 18:43 - 00035678 _____ C:\Users\Janine\Downloads\FRST.txt
2013-09-20 18:37 - 2013-09-20 18:37 - 01039554 _____ C:\Users\Janine\Downloads\adwcleaner.exe
2013-09-20 17:20 - 2013-09-20 17:20 - 00377856 _____ C:\Users\Janine\Downloads\gmer_2.1.19163.exe
2013-09-20 17:19 - 2013-09-20 17:18 - 00025351 _____ C:\Users\Janine\Downloads\Addition.txt
2013-09-20 17:17 - 2013-09-20 17:17 - 00000000 ____D C:\FRST
2013-09-20 17:15 - 2013-09-20 17:15 - 00050477 _____ C:\Users\Janine\Downloads\Defogger.exe
2013-09-20 17:15 - 2013-09-20 17:15 - 00000474 _____ C:\Users\Janine\Downloads\defogger_disable.log
2013-09-20 17:15 - 2013-09-20 17:15 - 00000000 _____ C:\Users\Janine\defogger_reenable
2013-09-20 17:15 - 2011-02-23 20:11 - 00000000 ____D C:\Users\Janine
2013-09-20 15:37 - 2011-03-19 18:26 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2013-09-20 15:37 - 2011-03-19 18:23 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson
2013-09-20 15:37 - 2011-02-23 20:12 - 00000000 ___RD C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-20 11:04 - 2012-03-30 06:41 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 11:03 - 2012-03-30 06:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 11:03 - 2011-06-03 23:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-19 11:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-18 21:13 - 2012-10-12 17:29 - 00000000 ____D C:\Users\Janine\FM_Transmitter_02
2013-09-12 18:43 - 2011-02-23 20:12 - 00000000 ___RD C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 18:42 - 2009-07-14 06:45 - 00294344 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 07:07 - 2013-07-27 03:10 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 06:58 - 2011-02-23 21:08 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Janine\AppData\Local\Temp\AskSLib.dll
C:\Users\Janine\AppData\Local\Temp\install_flashplayer11x32axau_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Janine\AppData\Local\Temp\install_flashplayer11x32ax_gtbd_chrd_dn_aaa_aih.exe
C:\Users\Janine\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-21 20:26

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Janine at 2013-10-05 17:01:33
Running from C:\Users\Janine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VJ11R1I
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.0.112)
Advertising Center (x32 Version: 0.0.0.1)
Avanquest update (x32 Version: 1.28)
AVS Screen Capture version 2.0.1 (x32)
AVS Update Manager 1.0 (x32)
AVS Video Converter 8 (x32)
AVS Video Recorder 2.4 (x32)
AVS Video ReMaker 4.0.2.126 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Content Manager 2 (x32 Version: 3.4.1.11834)
D3DX10 (x32 Version: 15.4.2368.0902)
DVD Flick 1.3.0.7 (x32 Version: 1.3.0.7)
Free M4a to MP3 Converter 7.1 (x32)
Free Mp3 Wma Converter V 2.2 (x32 Version: 2.2.0.0)
Free YouTube to MP3 Converter version 3.9.33 (x32)
GIMP 2.8.6 (Version: 2.8.6)
Google Chrome (HKCU Version: 30.0.1599.69)
ImagXpress (x32 Version: 7.0.74.0)
Java 7 Update 15 (x32 Version: 7.0.150)
Java Auto Updater (x32 Version: 2.1.9.0)
Media Go (x32 Version: 2.1.392)
Media Go Video Playback Engine 1.88.116.12060 (x32 Version: 1.88.116.12060)
MFC RunTime files (x32 Version: 1.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (x32 Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MP4 To MP3 Converter V3.0 (x32)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Naviextras Toolbox Prerequesities (x32 Version: 1.0.0)
Nero 9 Essentials (x32)
Nero BurnRights (x32 Version: 3.4.10.100)
Nero BurnRights Help (x32 Version: 3.4.4.100)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero CoverDesigner (x32 Version: 4.4.9.203)
Nero CoverDesigner Help (x32 Version: 4.4.6.100)
Nero DiscSpeed (x32 Version: 5.4.7.202)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.10.100)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero InfoTool (x32 Version: 6.4.7.204)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero StartSmart (x32 Version: 9.4.11.207)
Nero StartSmart Help (x32 Version: 9.4.1.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
neroxml (x32 Version: 1.0.0)
Norton Internet Security (x32 Version: 20.4.0.40)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
PlayStation(R)Network Downloader (x32 Version: 2.07.00849)
PlayStation(R)Store (x32 Version: 4.7.14.14146)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.15.0)
Skype Click to Call (x32 Version: 5.6.8442)
Skype™ 5.10 (x32 Version: 5.10.116)
Sony PC Companion 2.10.108 (x32 Version: 2.10.108)
Spotify (HKCU Version: 0.8.4.124.ga3559d86)
swMSM (x32 Version: 12.0.0.1)
Uninstall 1.0.0.1 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Ver 1.2.0 (x32)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinRAR
WISO Steuer-Sparbuch 2011 (x32 Version: 18.00.6928)
WISO Steuer-Sparbuch 2012 (x32 Version: 19.00.7304)
WISO Steuer-Sparbuch 2013 (x32 Version: 20.00.8137)

==================== Restore Points  =========================

24-08-2013 12:56:01 Geplanter Prüfpunkt
02-09-2013 14:27:34 Geplanter Prüfpunkt
12-09-2013 04:42:59 Windows Modules Installer
12-09-2013 04:49:31 Windows Modules Installer
19-09-2013 09:42:06 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {4F74EC6C-39AE-4805-B88C-B5E1AB106398} - System32\Tasks\{46BFADCD-A8AB-474A-8B35-B4C9F64196C3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {554D27B3-117B-46BE-85EE-C240EA7E0B2D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25] (Google Inc.)
Task: {69019E76-8D07-498E-A649-01FB6810A3C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25] (Google Inc.)
Task: {7BA9D501-A71D-49E1-99BE-45FFD2971C3A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20] (Adobe Systems Incorporated)
Task: {9CA17B01-7F3B-46D9-9A9C-C9B0C09585C1} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {B94597EA-A5DE-41E2-8DA1-89558228BD64} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
Task: {C5373CC3-CA53-4BAB-AA74-707088BDF4C0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {CD122EE0-D50A-4645-8FDC-67EF5D2E3EDB} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001Core.job => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2731253187-140697436-2083052460-1001UA.job => C:\Users\Janine\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-27 18:32 - 2013-02-13 13:35 - 08907856 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wgui13.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 00028672 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rsdcom48.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 00308816 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rscorewinapi48.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 00321104 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2013-02-27 18:32 - 2013-02-13 13:36 - 02980944 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wcore13.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 00136272 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\rsodbc48.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 02152528 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wfvie13.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 01604176 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wsteu13.dll
2013-02-27 18:33 - 2013-02-13 13:34 - 01716304 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wreli13.dll
2013-02-27 18:32 - 2013-02-12 13:25 - 04128848 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wauff13.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 01041408 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 00094208 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 15:30 - 2013-02-12 13:03 - 00251392 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 01467984 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wmain13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 04923984 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae113.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01367632 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae213.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01747024 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae313.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01556048 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wbae413.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01150032 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\whau113.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01202768 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\whau213.dll
2013-02-27 18:33 - 2013-02-13 13:35 - 01310800 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wwerb13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 06758480 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wkont13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01230848 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wimp13.dll
2013-02-27 18:32 - 2013-02-13 13:35 - 01313872 _____ () C:\Program Files (x86)\WISO\Steuersoftware 2013\wfabu13.dll
2011-01-17 17:19 - 2011-11-07 20:24 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-07-09 06:59 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2013-10-05 13:54 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-05 13:54 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-05 13:54 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-05 13:54 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-05 13:54 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-07-09 06:59 - 2012-05-30 08:51 - 00699280 ____R () C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll
2013-10-05 13:54 - 2013-10-03 08:03 - 13611984 _____ () C:\Users\Janine\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: seehcri
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2013 04:13:07 PM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 10.0.9200.16686 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8590

Startzeit: 01cec1d3a8386f6d

Endzeit: 63

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (09/24/2013 01:10:44 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16686, Zeitstempel: 0x52058cf0
Name des fehlerhaften Moduls: AUDIOSES.DLL, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b725
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008d5d
ID des fehlerhaften Prozesses: 0x6b30
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (09/23/2013 05:17:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (09/22/2013 10:51:06 AM) (Source: Application Hang) (User: )
Description: Programm chrome.exe, Version 29.0.1547.76 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bbc

Startzeit: 01ceb767da524eae

Endzeit: 83

Anwendungspfad: C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe

Berichts-ID: 0bf0e4c4-2364-11e3-af9a-e839df082830

Error: (09/21/2013 08:27:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2013 08:26:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (09/21/2013 05:36:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2013 05:29:52 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2013 05:29:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2013 05:29:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/05/2013 01:17:25 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (10/05/2013 08:39:55 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (10/05/2013 08:39:49 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (10/04/2013 04:14:31 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (10/04/2013 06:37:20 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (10/04/2013 06:37:14 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/30/2013 07:39:09 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/30/2013 06:46:46 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/30/2013 01:47:15 PM) (Source: ipnathlp) (User: )
Description: 0

Error: (09/29/2013 00:23:06 PM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (10/05/2013 04:13:07 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE10.0.9200.16686859001cec1d3a8386f6d63C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (09/24/2013 01:10:44 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1668652058cf0AUDIOSES.DLL6.1.7601.175144ce7b725c000000500008d5d6b3001ceb8abe353d4bdC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\AUDIOSES.DLL5f4075b1-24a5-11e3-af9a-e839df082830

Error: (09/23/2013 05:17:59 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (09/22/2013 10:51:06 AM) (Source: Application Hang)(User: )
Description: chrome.exe29.0.1547.76bbc01ceb767da524eae83C:\Users\Janine\AppData\Local\Google\Chrome\Application\chrome.exe0bf0e4c4-2364-11e3-af9a-e839df082830

Error: (09/21/2013 08:27:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (09/21/2013 08:26:31 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (09/21/2013 05:36:34 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/21/2013 05:29:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Janine\Downloads\esetsmartinstaller_enu.exe

Error: (09/21/2013 05:29:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Janine\Downloads\esetsmartinstaller_enu.exe

Error: (09/21/2013 05:29:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Janine\Downloads\esetsmartinstaller_enu.exe


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3892.55 MB
Available physical RAM: 2173.95 MB
Total Pagefile: 7783.29 MB
Available Pagefile: 5953.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:400.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0DCE7163)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Antwort

Themen zu Windows 7: Viel Werbung und Videos im Hintergrund
4d36e972-e325-11ce-bfc1-08002be10318, converter, desktop, downloader, farbar, farbar recovery scan tool, fehler, fehlercode 1, flash player, google, helper, home, homepage, iexplore.exe, installation, mp3, msiinstaller, nicht installiert, problem, registry, required, richtlinie, scan, security, spyware, svchost.exe, symantec, system, usb, viel werbung, werbung, windows, wiso, wma



Ähnliche Themen: Windows 7: Viel Werbung und Videos im Hintergrund


  1. Windows 7: RAM-Fehler und Videos werden im Hintergrund abgespielt
    Log-Analyse und Auswertung - 24.06.2015 (10)
  2. Windows 8/ ungewollte AddOns, langsam, sehr viel Werbung
    Log-Analyse und Auswertung - 11.03.2015 (6)
  3. Sehr viel Werbung so wie Hintergrund Musik
    Plagegeister aller Art und deren Bekämpfung - 09.03.2015 (5)
  4. Windows 8 - Audio-Werbung im Hintergrund!
    Log-Analyse und Auswertung - 28.01.2015 (9)
  5. Windows 8: sehr langsames Internet und viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 28.12.2014 (15)
  6. Windows - Browser langsam und viel Werbung (v.a. Ads by Softonic)
    Log-Analyse und Auswertung - 21.12.2014 (12)
  7. Windows 7: unerwünschte Audio Werbung im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 10.11.2014 (15)
  8. Windows 7 : Windows Explorer öffnet sich oft im Hintergrund mit zu viel Arbeitsspeicher
    Log-Analyse und Auswertung - 03.09.2014 (11)
  9. Plötzlich viel Werbung im Browser Bräuchte mal rat Windows 7 64bit
    Plagegeister aller Art und deren Bekämpfung - 20.05.2014 (21)
  10. Crome Windows 8.1 - viel Werbung trotz Adblock
    Plagegeister aller Art und deren Bekämpfung - 24.04.2014 (16)
  11. Viel zu viel Werbung -.- Windows 7 Acer Laptop
    Log-Analyse und Auswertung - 03.02.2014 (7)
  12. Extrem viel Werbung beim Serven in Windows 7
    Plagegeister aller Art und deren Bekämpfung - 29.01.2014 (11)
  13. Windows 7 - extrem viel Werbung - Rechner immer langsamer!
    Plagegeister aller Art und deren Bekämpfung - 10.01.2014 (9)
  14. Windows 8 Laptop-Sehr viel Werbung in Browsern
    Log-Analyse und Auswertung - 24.11.2013 (3)
  15. Windows 8: Bekomme sehr viel Werbung/PC langsam
    Plagegeister aller Art und deren Bekämpfung - 17.09.2013 (13)
  16. Windows XP: langsames Internet und viel Spam-Werbung
    Plagegeister aller Art und deren Bekämpfung - 03.09.2013 (15)
  17. Musik/Videos im Hintergrund
    Plagegeister aller Art und deren Bekämpfung - 25.04.2011 (1)

Zum Thema Windows 7: Viel Werbung und Videos im Hintergrund - Hallo, seit einiger Zeit habe ich vermehrt Werbung in Foren und Facebook. Zudem tritt seit ein paar Tagen ab und an der Sound von Werbevideos auf, die ich aber nicht - Windows 7: Viel Werbung und Videos im Hintergrund...
Archiv
Du betrachtest: Windows 7: Viel Werbung und Videos im Hintergrund auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.