
Pests of all kinds and how to combat them: Virus: APPL/DomaIQ.gen7

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

17.10.2013, 13:10   #1
Tausenddank
 
Dear Trojaner-Board forum,
I recently ran a full system virus scan with Avira DE-Cleaner (previously already with Norton). After Norton checked just 500,000 files and found nothing, Avira DE-Cleaner found the following virus: APPL/DomaIQ.gen7 (Setup.exe). So I simply clicked "Remove selection". This was the log at the end:

Beginne mit der Suche in 'C:\' <OS>
C:\swapfile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Users\Maxi\Downloads\Setup.exe
[0] Archivtyp: NSIS
[FUND] Enthält Erkennungsmuster der Anwendung APPL/DomaIQ.Gen7
--> [UnknownDir]
[FUND] Enthält Erkennungsmuster der Anwendung APPL/DomaIQ.614421
Beginne mit der Suche in 'D:\' <RECOVERY>

Beginne mit der Desinfektion:
Der Systemwiederherstellungspunkt wurde erfolgreich angelegt.
C:\Users\Maxi\Downloads\Setup.exe
[FUND] Enthält Erkennungsmuster der Anwendung APPL/DomaIQ.Gen7
[HINWEIS] Eine Sicherungskopie wurde unter dem Namen 503c3654.qua erstellt ( QUARANTÄNE )


My question now is whether I now have a 100% uninfected laptop, and whether the virus has been removed for good and can do no more harm. Also, was it a virus at all (Enthält Erkennungsmuster der Anwendung APPL/DomaIQ.614421), and what can it do?

Many thanks for your help

17.10.2013, 13:23   #2
aharonov
/// TB-Ausbilder
 
Hello,

Quote:
Also, was it a virus at all (Enthält Erkennungsmuster der Anwendung APPL/DomaIQ.614421)
No, just a download that comes with a bit of adware (unwanted advertising). Completely harmless.

Quote:
My question now is whether I now have a 100% uninfected laptop
In principle there is no such thing as 100%.
I can take a look at how things stand for you:


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the web page's input box)


17.10.2013, 13:39   #3
Tausenddank
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Maxi at 2013-10-17 14:34:30
Running from C:\Users\Maxi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Absolute Reminder (x32 Version: 2.1.0.8)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.5.635)
Assassin’s Creed® III (x32)
Battlefield 3™ (x32 Version: 1.0.0.0)
Battlelog Web Plugins (x32 Version: 2.3.0)
Bonjour (Version: 3.0.0.10)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 2 (x32)
Canon MP560 series MP Drivers
Connected Music powered by Universal Music Group version 1.0 (x32 Version: 1.0)
CyberLink PhotoDirector (x32 Version: 2.0.1.3119)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925)
CyberLink PowerDVD (x32 Version: 10.0.6.4319)
CyberLink YouCam (x32 Version: 3.5.4.5527)
D3DX10 (x32 Version: 15.4.2368.0902)
EAX Unified (x32)
Energy Star (Version: 1.0.8)
ESN Sonar (x32 Version: 0.70.4)
FIFA 14 (x32 Version: 1.0.0.2)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Grand Theft Auto IV (x32)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
HP 3D DriveGuard (Version: 4.2.9.1)
HP Connected Music (Meridian - installer) (x32 Version: v1.0)
HP CoolSense (x32 Version: 2.10.3)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Documentation (x32 Version: 1.1.0.0)
HP Postscript Converter (Version: 3.1.3554)
HP Quick Launch (x32 Version: 3.0.4)
HP Recovery Manager (x32 Version: 7.00)
HP Registration Service (Version: 1.0.5976.4186)
HP Software Framework (x32 Version: 4.6.8.1)
HP Support Assistant (x32 Version: 7.0.32.44)
HP Utility Center (x32 Version: 1.0.7)
HP Wireless Button Driver (x32 Version: 1.0.5.1)
IDT Audio (x32 Version: 1.0.6417.0)
Infestation: Survivor Stories (x32)
Inhaltsmanager-Assistent für PlayStation(R) (x32 Version: 2.10.6402.20)
Intel(R) Management Engine Components (x32 Version: 8.1.30.1349)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Start Technology (x32 Version: 2.1.0.1002)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.27.757.1)
Mafia II (x32)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSVCRT (x32 Version: 15.4.2862.0708)
Norton 360 (x32 Version: 21.0.2.1)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Grafiktreiber 327.23 (Version: 327.23)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA Optimus 8.3.14 (Version: 8.3.14)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725)
NVIDIA Systemsteuerung 327.23 (Version: 327.23)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Origin (x32 Version: 9.3.2.2730)
PlanetSide 2 (x32)
PunkBuster Services (x32 Version: 0.991)
Qualcomm Atheros Driver Installation Program (x32 Version: 10.0)
Realtek Ethernet Controller Driver (x32 Version: 8.3.730.2012)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.29029)
Saints Row: The Third (x32)
SHIELD Streaming (Version: 1.05.28)
Skype™ 6.7 (x32 Version: 6.7.102)
Spec Ops: The Line (x32)
Spotify (HKCU Version: 0.9.4.185.g7545a404)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.10.12)
Unity Web Player (HKCU Version: )
Uplay (x32 Version: 2.0)
War Inc. Battlezone (x32)
Warframe (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)

==================== Restore Points =========================

30-09-2013 18:21:44 DirectX wurde installiert
08-10-2013 12:49:49 Geplanter Prüfpunkt
09-10-2013 18:16:23 DirectX wurde installiert
15-10-2013 14:24:45 HPSF Applying updates
15-10-2013 14:24:47 HPSF Applying updates

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00554063-4C10-4FA5-B8D8-AB484729C9C5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\WSCStub.exe [2013-09-17] (Symantec Corporation)
Task: {24FC3216-9723-404A-9937-A131104DA360} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {270C18FB-D645-4B6B-B8E5-587B88946B4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {40A21CA5-418F-4D6E-AE8B-4DA41BC80D1D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {45249231-2D56-41B7-A82A-D438F6BCB6A2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {4C894997-A79A-4CD9-ABE0-4070123C8211} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {4FB68239-F35F-4F9F-8F4B-3DCFE3445541} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {639B68F1-7FEA-4985-8870-DCC4F8E5387B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-07-13] (Hewlett-Packard)
Task: {70B7CEFD-13C1-49AF-892D-737A389CB758} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {71FE14E1-5572-48D2-B893-40583DEF0BD5} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {7671E920-69AB-4E2E-806D-536A1B1D6435} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {AC0415A0-944A-4AA9-902E-8B777378DE3F} - System32\Tasks\GameNet => C:\Windows\System32\C:/Program Files (x86)/QGNA/qGNA.exe
Task: {CA7D7CEC-91A7-45B2-87EB-93D72BBCE4D8} - System32\Tasks\HPCeeScheduleForMaxi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {E2575B85-DBB1-4EDB-ACB1-D1932C40FB3F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\HPCeeScheduleForMaxi.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-10-04 15:11 - 2013-06-18 13:44 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-04 18:49 - 2012-12-17 18:29 - 00045568 _____ () C:\Users\Maxi\AppData\Local\THORN\QtSolutions_Service-2.6.dll
2013-10-15 19:45 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Lautsprecher und Kopfhörer (IDT High Definition Audio CODEC)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Truevision HD
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Stereomix (IDT High Definition Audio CODEC)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2013 02:11:18 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/16/2013 08:35:34 PM) (Source: Application Hang) (User: )
Description: Programm WarInc.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8c0

Startzeit: 01ceca95dc95bf5e

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Steam\SteamApps\common\WarIncBattleZone\WarInc.exe

Berichts-ID: bdbfca32-3691-11e3-be86-8434978542b1

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109


System errors:
=============
Error: (10/16/2013 05:28:37 PM) (Source: DCOM) (User: MaxiKing)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/16/2013 05:28:36 PM) (Source: DCOM) (User: MaxiKing)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/15/2013 07:05:56 PM) (Source: BugCheck) (User: )
Description: 0x000000c2 (0x0000000000000007, 0x00000000000011c1, 0x0000000004070002, 0xfffffa800752cdc0)C:\Windows\MEMORY.DMP101513-13156-01

Error: (10/15/2013 07:05:47 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎10.‎2013 um 18:59:58 unerwartet heruntergefahren.

Error: (10/15/2013 07:00:19 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa800ab72880, 0xfffff880009f47f0, 0xfffffa80137306c0)C:\Windows\MEMORY.DMP101513-21484-01

Error: (10/15/2013 06:59:58 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎10.‎2013 um 18:49:40 unerwartet heruntergefahren.

Error: (10/15/2013 06:48:12 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/15/2013 06:48:07 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/15/2013 06:48:02 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/15/2013 06:47:57 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.


Microsoft Office Sessions:
=========================
Error: (10/17/2013 02:11:18 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/16/2013 08:35:34 PM) (Source: Application Hang)(User: )
Description: WarInc.exe0.0.0.08c001ceca95dc95bf5e4294967295C:\Program Files (x86)\Steam\SteamApps\common\WarIncBattleZone\WarInc.exebdbfca32-3691-11e3-be86-8434978542b1

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109


CodeIntegrity Errors:
===================================
Date: 2013-10-17 14:33:33.425
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-17 14:33:21.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-17 14:30:30.603
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-17 14:30:16.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-17 13:58:08.404
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-16 21:25:33.278
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-16 21:11:37.531
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-16 21:09:09.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-16 20:35:49.546
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-16 20:35:38.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

2013-10-04 18:49 - 2012-12-17 18:29 - 00045568 _____ () C:\Users\Maxi\AppData\Local\THORN\QtSolutions_Service-2.6.dll
2013-10-15 19:45 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Lautsprecher und Kopfhörer (IDT High Definition Audio CODEC)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Truevision HD
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Stereomix (IDT High Definition Audio CODEC)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2013 02:11:18 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (10/16/2013 08:35:34 PM) (Source: Application Hang) (User: )
Description: Programm WarInc.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8c0

Startzeit: 01ceca95dc95bf5e

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Steam\SteamApps\common\WarIncBattleZone\WarInc.exe

Berichts-ID: bdbfca32-3691-11e3-be86-8434978542b1

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109


System errors:
=============
Error: (10/16/2013 05:28:37 PM) (Source: DCOM) (User: MaxiKing)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/16/2013 05:28:36 PM) (Source: DCOM) (User: MaxiKing)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/15/2013 07:05:56 PM) (Source: BugCheck) (User: )
Description: 0x000000c2 (0x0000000000000007, 0x00000000000011c1, 0x0000000004070002, 0xfffffa800752cdc0)C:\Windows\MEMORY.DMP101513-13156-01

Error: (10/15/2013 07:05:47 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎10.‎2013 um 18:59:58 unerwartet heruntergefahren.

Error: (10/15/2013 07:00:19 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa800ab72880, 0xfffff880009f47f0, 0xfffffa80137306c0)C:\Windows\MEMORY.DMP101513-21484-01

Error: (10/15/2013 06:59:58 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎15.‎10.‎2013 um 18:49:40 unerwartet heruntergefahren.

Error: (10/15/2013 06:48:12 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/15/2013 06:48:07 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/15/2013 06:48:02 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (10/15/2013 06:47:57 PM) (Source: ACPI) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.


Microsoft Office Sessions:
=========================
Error: (10/17/2013 02:11:18 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (10/16/2013 08:35:34 PM) (Source: Application Hang)(User: )
Description: WarInc.exe0.0.0.08c001ceca95dc95bf5e4294967295C:\Program Files (x86)\Steam\SteamApps\common\WarIncBattleZone\WarInc.exebdbfca32-3691-11e3-be86-8434978542b1

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 916000

Error: (10/16/2013 00:39:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2203

Error: (10/16/2013 00:24:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1109

Error: (10/16/2013 00:24:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1109


CodeIntegrity Errors:
===================================
  Date: 2013-10-17 14:33:33.425
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-17 14:33:21.534
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-17 14:30:30.603
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-17 14:30:16.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-17 13:58:08.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-16 21:25:33.278
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-16 21:11:37.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-16 21:09:09.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-16 20:35:49.546
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-10-16 20:35:38.803
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 19%
Total physical RAM: 8084.27 MB
Available physical RAM: 6467.9 MB
Total Pagefile: 16276.27 MB
Available Pagefile: 14681.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:681.39 GB) (Free:441.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.47 GB) (Free:2.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 466E2C46)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 80487483)

Partition: GPT Partition Type
==================== End Of Log ============================
         
--- --- ---

Sorry, that's a bit much :X
Is this Filepony a safe program, too?
Does this scan contain any private things that are now being published here on Trojaner-Board?
__________________

17.10.2013, 13:47   #4
aharonov
/// TB Trainer
 

Quote:
Is this Filepony a safe program, too?
Does this scan contain any private things that are now being published here on Trojaner-Board?
Yes and no.
But you posted the contents of Addition.txt twice. Could you please also post the FRST.txt?
__________________
cheers,
Leo

17.10.2013, 14:10   #5
Tausenddank
 

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Maxi (administrator) on MAXIKING on 17-10-2013 14:34:01
Running from C:\Users\Maxi\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\N360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\N360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(GGS) C:\Users\Maxi\AppData\Local\THORN\Thorn.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1813928 2013-10-09] (Valve Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Maxi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-16] (Spotify Ltd)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-10-16] (Electronic Arts)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [Spotify] - C:\Users\Maxi\AppData\Roaming\Spotify\spotify.exe [4752384 2013-10-16] (Spotify Ltd)
MountPoints2: {574385b6-c9b1-11e2-be77-8434978542b1} - "E:\CMADownloader.exe" 
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] - C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [168616 2013-09-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {A28F0689-CA9E-46FF-ACB3-73BF34D4AC4B} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {A28F0689-CA9E-46FF-ACB3-73BF34D4AC4B} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=468
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=468
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=120518&tt=gc_&babsrc=SP_ss&mntrId=148B1216D804C957
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {A28F0689-CA9E-46FF-ACB3-73BF34D4AC4B} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = Elektronik, Autos, Mode, Sammlerstücke, Gutscheine und mehr Online-Shopping | eBay ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Maxi\AppData\Roaming\Mozilla\Firefox\Profiles\gn7n163v.default
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Maxi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF

==================== Services (Whitelisted) =================

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-06-18] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-06-18] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.0.2.1\N360.exe [264360 2013-09-17] (Symantec Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-10-10] ()
R2 Thorn; C:\Users\Maxi\AppData\Local\THORN\Thorn.exe [36664 2013-10-17] (GGS)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [1525848 2013-10-02] (Symantec Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [1525848 2013-10-02] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1500020.001\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-14] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-14] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-10-14] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131015.003\IDSvia64.sys [521816 2013-10-17] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131015.003\IDSvia64.sys [521816 2013-10-17] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
S3 iscFlash; C:\swsetup\sp63046\iscflashx64.sys [69216 2013-10-15] (Insyde Software)
S3 iscFlash; C:\swsetup\sp63046\iscflashx64.sys [69216 2013-10-15] (Insyde Software)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131016.032\ENG64.SYS [126040 2013-10-14] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131016.032\ENG64.SYS [126040 2013-10-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131016.032\EX64.SYS [2099288 2013-10-14] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131016.032\EX64.SYS [2099288 2013-10-14] (Symantec Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R0 SMR322; C:\Windows\System32\drivers\SMR322.SYS [96856 2013-10-16] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1500020.001\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1500020.001\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1500020.001\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1500020.001\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1500020.001\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1500020.001\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1500020.001\SYMNETS.SYS [590424 2013-09-11] (Symantec Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-17 14:33 - 2013-10-17 14:33 - 01954124 _____ (Farbar) C:\Users\Maxi\Downloads\FRST64.exe
2013-10-17 14:33 - 2013-10-17 14:33 - 00000000 ____D C:\FRST
2013-10-16 19:22 - 2013-10-16 19:22 - 12792652 _____ (AVAST Software) C:\Users\Maxi\Downloads\avast_free_antivirus_setup.exe.part
2013-10-16 18:38 - 2013-10-16 18:38 - 00096856 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SMR322.SYS
2013-10-16 15:56 - 2013-10-16 16:05 - 00002065 _____ C:\Users\Maxi\Desktop\Entfernen des Avira DE-Cleaners.lnk
2013-10-16 15:56 - 2013-10-16 16:05 - 00001994 _____ C:\Users\Maxi\Desktop\Avira DE-Cleaner.lnk
2013-10-16 15:29 - 2013-10-16 15:29 - 00000000 ____D C:\ProgramData\APN
2013-10-16 12:46 - 2013-10-16 12:46 - 00883840 _____ C:\Users\Maxi\Downloads\Avira-DE100-Cleaner.exe
2013-10-16 11:39 - 2013-10-16 19:17 - 00000000 ____D C:\Users\Maxi\AppData\Local\NPE
2013-10-16 11:38 - 2013-10-16 11:38 - 00910992 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\AutoDetectPkg(1).exe
2013-10-15 20:04 - 2013-10-15 20:04 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-10-15 19:57 - 2013-10-15 20:01 - 123853152 _____ C:\Users\Maxi\Downloads\avira_free_antivirus_de.exe
2013-10-15 19:53 - 2013-10-15 19:53 - 01021872 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\N360Downloader(1).exe
2013-10-15 19:52 - 2013-10-15 19:53 - 00001305 _____ C:\Users\Maxi\Desktop\Norton-Installationsdateien.lnk
2013-10-15 19:52 - 2013-10-15 19:52 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-10-15 19:51 - 2013-10-15 19:51 - 01021872 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\N360Downloader.exe
2013-10-15 19:51 - 2013-10-15 19:50 - 00910992 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\AutoDetectPkg.exe
2013-10-15 19:45 - 2013-10-15 19:45 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\Mozilla
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\Users\Maxi\AppData\Local\Mozilla
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 19:44 - 2013-10-15 19:44 - 22589512 _____ (Mozilla) C:\Users\Maxi\Downloads\Firefox Setup 24.0.exe
2013-10-15 19:05 - 2013-10-15 19:05 - 00291792 _____ C:\Windows\Minidump\101513-13156-01.dmp
2013-10-15 18:59 - 2013-10-15 19:00 - 00741200 _____ C:\Windows\Minidump\101513-21484-01.dmp
2013-10-15 18:59 - 2013-10-15 18:59 - 00295920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-15 16:29 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-10-15 16:29 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-10-15 16:29 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-10-15 16:29 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-15 16:29 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-10-15 16:29 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-10-15 16:29 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-10-15 16:29 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-15 16:29 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-10-15 16:29 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-10-15 16:29 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-10-15 16:29 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-15 16:29 - 2013-07-31 01:30 - 00386923 _____ C:\Windows\system32\ApnDatabase.xml
2013-10-15 16:29 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-10-15 16:29 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-10-15 16:29 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-10-15 16:29 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-10-15 16:28 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-10-15 16:28 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-10-15 16:28 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-10-15 16:28 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-10-15 16:28 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-10-15 16:28 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-10-10 11:16 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-10 11:16 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-10 11:16 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-10 11:16 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-10 11:16 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-10 11:16 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-10 11:16 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-10 11:16 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-10 11:16 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-10 11:16 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-10 11:16 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 11:16 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 11:16 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-10-10 11:16 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-10-10 11:16 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-10 11:16 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-10 11:16 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-10-10 11:16 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-10 11:16 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-10 11:16 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-10 11:16 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-10 11:16 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-10 11:16 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-10 11:16 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-10-10 11:16 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-10 11:16 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-10 11:15 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-10 11:15 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-10 11:15 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-10 11:15 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-10 11:15 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-10 11:15 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-10 11:15 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-10 11:15 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 11:15 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:15 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 11:15 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 11:15 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-10 11:15 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-10-10 11:15 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-10-10 11:15 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-10-10 11:15 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-10-10 11:15 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-10 11:15 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-10 11:15 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-10 11:15 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-10 11:15 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 11:15 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 11:15 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-10 11:15 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-10 11:15 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 11:15 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-10 11:15 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 11:15 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 11:15 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 11:15 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-09 20:18 - 2013-10-10 20:32 - 00000000 ____D C:\Users\Maxi\Documents\Assassin's Creed III
2013-10-09 20:18 - 2013-10-09 19:04 - 03123272 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-10-09 15:30 - 2013-10-09 15:30 - 00000222 _____ C:\Users\Maxi\Desktop\Assassins Creed III.url
2013-10-08 20:50 - 2013-10-08 20:51 - 00000000 ____D C:\Users\Maxi\Documents\Battlefield 4 Beta
2013-10-08 12:13 - 2013-10-11 14:51 - 00000000 ____D C:\Users\Maxi\Documents\Vietnamkrieg
2013-10-04 18:49 - 2013-10-17 14:27 - 00000000 ____D C:\Users\Maxi\AppData\Local\THORN
2013-10-04 18:48 - 2013-10-17 14:30 - 00000000 ____D C:\Games
2013-10-04 18:48 - 2013-10-17 13:59 - 00004306 _____ C:\Windows\System32\Tasks\GameNet
2013-10-04 18:47 - 2013-10-04 18:47 - 00185216 _____ (GGS) C:\Users\Maxi\Downloads\firestorm.exe
2013-10-02 22:58 - 2013-10-02 22:59 - 90658576 _____ (Microsoft Corporation) C:\Users\Maxi\Downloads\msert.exe
2013-10-01 10:01 - 2013-10-01 10:02 - 00000000 ____D C:\Users\Maxi\Documents\Battlefield 4
2013-09-30 14:57 - 2013-09-30 14:57 - 03820328 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.3.0_119 (1).exe
2013-09-30 14:56 - 2013-09-30 14:56 - 03820328 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.3.0_119.exe
2013-09-28 21:40 - 2013-09-28 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Chart Controls
2013-09-27 13:34 - 2013-10-09 18:50 - 00000000 ____D C:\Users\Maxi\Documents\FIFA 14
2013-09-27 13:28 - 2013-09-27 13:29 - 00001252 _____ C:\Users\Public\Desktop\FIFA 14.lnk
2013-09-27 13:28 - 2013-09-27 13:28 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-27 13:28 - 2013-09-27 13:28 - 00000000 ____D C:\Windows\system32\NV
2013-09-27 13:28 - 2013-09-27 13:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-27 13:17 - 2013-09-12 10:58 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 15901448 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 15703688 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 11274528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-09-27 13:17 - 2013-09-12 10:58 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 02367264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432723.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432723.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-27 13:17 - 2013-09-12 10:58 - 00032032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2013-09-27 13:17 - 2013-09-12 10:58 - 00022814 _____ C:\Windows\system32\nvinfo.pb
2013-09-25 20:38 - 2013-09-25 20:38 - 11141487 _____ C:\Users\Maxi\Downloads\Avatar_Windows7.themepack
2013-09-25 20:37 - 2013-09-25 20:37 - 10795685 _____ C:\Users\Maxi\Downloads\Ferrari_Win7Theme.themepack
2013-09-25 20:37 - 2013-09-25 20:37 - 04878799 _____ C:\Users\Maxi\Downloads\Porsche_Windows7.themepack
2013-09-25 20:37 - 2013-09-25 20:37 - 02931580 _____ C:\Users\Maxi\Downloads\Infiniti_Windows7.themepack
2013-09-25 18:39 - 2013-09-25 18:39 - 00716526 _____ C:\Users\Maxi\Downloads\pbsetup (1).zip
2013-09-25 15:03 - 2013-09-25 15:03 - 00000000 ____D C:\ProgramData\InstallShield
2013-09-25 12:49 - 2013-09-25 12:49 - 03819328 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.3.0_118.exe
2013-09-25 11:50 - 2013-10-16 18:49 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\Skype
2013-09-25 11:50 - 2013-09-25 11:50 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-25 11:50 - 2013-09-25 11:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-25 11:50 - 2013-09-25 11:50 - 00000000 ____D C:\ProgramData\Skype
2013-09-25 11:48 - 2013-09-25 11:48 - 01492848 _____ (Skype Technologies S.A.) C:\Users\Maxi\Downloads\SkypeSetup.exe
2013-09-23 19:45 - 2013-09-23 19:45 - 00000000 ____D C:\Users\Maxi\Documents\Battlefield 3
2013-09-23 19:43 - 2013-10-11 20:16 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-09-23 19:43 - 2013-09-23 19:43 - 03820480 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Maxi\AppData\Local\ESN
2013-09-23 19:42 - 2013-09-23 19:42 - 00000000 ____D C:\ProgramData\EA Core
2013-09-23 17:31 - 2013-09-23 17:31 - 00001176 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-09-22 15:58 - 2013-09-22 15:59 - 00000022 _____ C:\Users\Maxi\Downloads\pbsetup.zip
2013-09-22 15:57 - 2013-09-22 15:56 - 00840264 _____ C:\Windows\SysWOW64\pbsvc (1).exe
2013-09-19 20:20 - 2013-09-19 17:13 - 03130440 _____ C:\Windows\SysWOW64\pbsvc_blr.exe

==================== One Month Modified Files and Folders =======

2013-10-17 14:33 - 2013-10-17 14:33 - 01954124 _____ (Farbar) C:\Users\Maxi\Downloads\FRST64.exe
2013-10-17 14:33 - 2013-10-17 14:33 - 00000000 ____D C:\FRST
2013-10-17 14:30 - 2013-10-04 18:48 - 00000000 ____D C:\Games
2013-10-17 14:30 - 2013-05-26 16:46 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-17 14:27 - 2013-10-04 18:49 - 00000000 ____D C:\Users\Maxi\AppData\Local\THORN
2013-10-17 14:17 - 2013-05-26 16:33 - 01481728 _____ C:\Windows\WindowsUpdate.log
2013-10-17 14:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-17 13:59 - 2013-10-04 18:48 - 00004306 _____ C:\Windows\System32\Tasks\GameNet
2013-10-17 13:58 - 2013-09-10 19:46 - 00000000 ____D C:\Program Files (x86)\Origin
2013-10-16 20:35 - 2013-06-06 14:28 - 00000000 ____D C:\Users\Maxi\AppData\Local\Spotify
2013-10-16 20:35 - 2013-06-06 14:26 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\Spotify
2013-10-16 19:22 - 2013-10-16 19:22 - 12792652 _____ (AVAST Software) C:\Users\Maxi\Downloads\avast_free_antivirus_setup.exe.part
2013-10-16 19:17 - 2013-10-16 11:39 - 00000000 ____D C:\Users\Maxi\AppData\Local\NPE
2013-10-16 18:53 - 2013-09-09 21:33 - 00000000 ____D C:\Users\Maxi\Documents\Youcam
2013-10-16 18:49 - 2013-09-25 11:50 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\Skype
2013-10-16 18:48 - 2012-08-25 03:36 - 00830120 _____ C:\Windows\system32\perfh007.dat
2013-10-16 18:48 - 2012-08-25 03:36 - 00188224 _____ C:\Windows\system32\perfc007.dat
2013-10-16 18:48 - 2012-07-26 09:28 - 01949368 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-16 18:43 - 2012-08-04 00:23 - 00775774 _____ C:\Windows\PFRO.log
2013-10-16 18:43 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-16 18:38 - 2013-10-16 18:38 - 00096856 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SMR322.SYS
2013-10-16 18:38 - 2012-10-04 15:38 - 00000000 ____D C:\ProgramData\Norton
2013-10-16 16:05 - 2013-10-16 15:56 - 00002065 _____ C:\Users\Maxi\Desktop\Entfernen des Avira DE-Cleaners.lnk
2013-10-16 16:05 - 2013-10-16 15:56 - 00001994 _____ C:\Users\Maxi\Desktop\Avira DE-Cleaner.lnk
2013-10-16 16:04 - 2013-08-06 15:24 - 00000346 _____ C:\Windows\Tasks\HPCeeScheduleForMaxi.job
2013-10-16 16:04 - 2013-05-26 16:34 - 00000000 ___RD C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-16 16:04 - 2013-05-26 16:34 - 00000000 ___RD C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-16 16:04 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-10-16 16:03 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-10-16 15:29 - 2013-10-16 15:29 - 00000000 ____D C:\ProgramData\APN
2013-10-16 12:46 - 2013-10-16 12:46 - 00883840 _____ C:\Users\Maxi\Downloads\Avira-DE100-Cleaner.exe
2013-10-16 12:24 - 2013-05-26 16:41 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2798319387-2517956451-2631063770-1002
2013-10-16 11:38 - 2013-10-16 11:38 - 00910992 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\AutoDetectPkg(1).exe
2013-10-15 20:13 - 2013-08-06 15:24 - 00003158 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMaxi
2013-10-15 20:13 - 2013-05-26 16:33 - 00000000 ____D C:\Users\Maxi
2013-10-15 20:07 - 2013-05-28 10:51 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-10-15 20:04 - 2013-10-15 20:04 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-10-15 20:03 - 2013-05-28 10:53 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-10-15 20:03 - 2013-05-28 10:53 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-10-15 20:03 - 2013-05-28 10:53 - 00003204 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-10-15 20:03 - 2013-05-28 10:53 - 00002312 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-10-15 20:02 - 2013-05-28 10:51 - 00000000 ____D C:\Program Files (x86)\Norton 360
2013-10-15 20:01 - 2013-10-15 19:57 - 123853152 _____ C:\Users\Maxi\Downloads\avira_free_antivirus_de.exe
2013-10-15 19:53 - 2013-10-15 19:53 - 01021872 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\N360Downloader(1).exe
2013-10-15 19:53 - 2013-10-15 19:52 - 00001305 _____ C:\Users\Maxi\Desktop\Norton-Installationsdateien.lnk
2013-10-15 19:53 - 2013-09-14 19:25 - 00032768 ___SH C:\Users\Maxi\Desktop\Thumbs.db
2013-10-15 19:52 - 2013-10-15 19:52 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-10-15 19:51 - 2013-10-15 19:51 - 01021872 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\N360Downloader.exe
2013-10-15 19:50 - 2013-10-15 19:51 - 00910992 _____ (Symantec Corporation) C:\Users\Maxi\Downloads\AutoDetectPkg.exe
2013-10-15 19:46 - 2013-05-28 10:54 - 00000000 ____D C:\Users\Maxi\AppData\Local\Google
2013-10-15 19:46 - 2013-05-28 10:54 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-15 19:45 - 2013-10-15 19:45 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\Mozilla
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\Users\Maxi\AppData\Local\Mozilla
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-15 19:45 - 2013-10-15 19:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-15 19:45 - 2013-06-05 08:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-15 19:44 - 2013-10-15 19:44 - 22589512 _____ (Mozilla) C:\Users\Maxi\Downloads\Firefox Setup 24.0.exe
2013-10-15 19:05 - 2013-10-15 19:05 - 00291792 _____ C:\Windows\Minidump\101513-13156-01.dmp
2013-10-15 19:05 - 2013-05-27 22:20 - 00000000 ____D C:\Windows\Minidump
2013-10-15 19:05 - 2013-05-27 22:17 - 740357301 _____ C:\Windows\MEMORY.DMP
2013-10-15 19:00 - 2013-10-15 18:59 - 00741200 _____ C:\Windows\Minidump\101513-21484-01.dmp
2013-10-15 18:59 - 2013-10-15 18:59 - 00295920 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-15 18:40 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup
2013-10-15 18:38 - 2012-08-24 18:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-15 17:39 - 2013-08-09 20:59 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-15 17:39 - 2013-08-04 16:36 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-10-15 17:39 - 2013-08-04 16:35 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-10-15 17:34 - 2013-07-02 16:32 - 00000000 ____D C:\Users\Maxi\AppData\Local\CrashDumps
2013-10-15 17:29 - 2013-09-10 19:50 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-10-15 16:32 - 2013-05-27 21:53 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-10-15 16:31 - 2012-08-24 18:02 - 00000000 ____D C:\Program Files (x86)\CyberLink
2013-10-15 16:31 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-15 16:23 - 2013-05-27 21:53 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-10-11 20:17 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2013-10-11 20:16 - 2013-09-23 19:43 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2013-10-11 19:47 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-11 14:51 - 2013-10-08 12:13 - 00000000 ____D C:\Users\Maxi\Documents\Vietnamkrieg
2013-10-11 13:30 - 2013-05-30 17:21 - 00000000 ____D C:\Users\Maxi\AppData\Local\Warframe
2013-10-10 20:32 - 2013-10-09 20:18 - 00000000 ____D C:\Users\Maxi\Documents\Assassin's Creed III
2013-10-10 20:24 - 2013-08-09 20:59 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-10-10 20:24 - 2013-08-04 16:36 - 00000000 ____D C:\Users\Maxi\AppData\Local\PunkBuster
2013-10-10 19:09 - 2013-08-03 11:01 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 19:08 - 2013-05-28 09:59 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 20:17 - 2012-08-24 18:09 - 00400928 _____ C:\Windows\DirectX.log
2013-10-09 19:04 - 2013-10-09 20:18 - 03123272 _____ C:\Windows\SysWOW64\pbsvc.exe
2013-10-09 18:50 - 2013-09-27 13:34 - 00000000 ____D C:\Users\Maxi\Documents\FIFA 14
2013-10-09 15:30 - 2013-10-09 15:30 - 00000222 _____ C:\Users\Maxi\Desktop\Assassins Creed III.url
2013-10-09 15:30 - 2013-05-26 17:06 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-10-08 20:51 - 2013-10-08 20:50 - 00000000 ____D C:\Users\Maxi\Documents\Battlefield 4 Beta
2013-10-08 11:58 - 2012-07-26 09:21 - 00033834 _____ C:\Windows\setupact.log
2013-10-04 18:47 - 2013-10-04 18:47 - 00185216 _____ (GGS) C:\Users\Maxi\Downloads\firestorm.exe
2013-10-02 22:59 - 2013-10-02 22:58 - 90658576 _____ (Microsoft Corporation) C:\Users\Maxi\Downloads\msert.exe
2013-10-02 03:38 - 2013-05-28 10:50 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-05-28 10:50 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-01 15:22 - 2013-09-11 16:58 - 00000000 ____D C:\Users\Maxi\AppData\Roaming\NVIDIA
2013-10-01 10:02 - 2013-10-01 10:01 - 00000000 ____D C:\Users\Maxi\Documents\Battlefield 4
2013-09-30 20:23 - 2013-09-08 16:35 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-30 14:57 - 2013-09-30 14:57 - 03820328 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.3.0_119 (1).exe
2013-09-30 14:56 - 2013-09-30 14:56 - 03820328 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.3.0_119.exe
2013-09-28 21:40 - 2013-09-28 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Chart Controls
2013-09-28 21:40 - 2013-05-28 11:27 - 00000000 ____D C:\Users\Maxi\Documents\My Games
2013-09-27 13:29 - 2013-09-27 13:28 - 00001252 _____ C:\Users\Public\Desktop\FIFA 14.lnk
2013-09-27 13:28 - 2013-09-27 13:28 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-09-27 13:28 - 2013-09-27 13:28 - 00000000 ____D C:\Windows\system32\NV
2013-09-27 13:28 - 2013-09-27 13:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-27 13:28 - 2012-10-04 15:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-27 13:27 - 2012-10-04 15:09 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-26 19:47 - 2013-09-12 16:41 - 00000000 ____D C:\Program Files\Mafia
2013-09-25 20:38 - 2013-09-25 20:38 - 11141487 _____ C:\Users\Maxi\Downloads\Avatar_Windows7.themepack
2013-09-25 20:37 - 2013-09-25 20:37 - 10795685 _____ C:\Users\Maxi\Downloads\Ferrari_Win7Theme.themepack
2013-09-25 20:37 - 2013-09-25 20:37 - 04878799 _____ C:\Users\Maxi\Downloads\Porsche_Windows7.themepack
2013-09-25 20:37 - 2013-09-25 20:37 - 02931580 _____ C:\Users\Maxi\Downloads\Infiniti_Windows7.themepack
2013-09-25 18:39 - 2013-09-25 18:39 - 00716526 _____ C:\Users\Maxi\Downloads\pbsetup (1).zip
2013-09-25 15:03 - 2013-09-25 15:03 - 00000000 ____D C:\ProgramData\InstallShield
2013-09-25 12:49 - 2013-09-25 12:49 - 03819328 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.3.0_118.exe
2013-09-25 11:50 - 2013-09-25 11:50 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-09-25 11:50 - 2013-09-25 11:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-25 11:50 - 2013-09-25 11:50 - 00000000 ____D C:\ProgramData\Skype
2013-09-25 11:49 - 2013-05-26 16:33 - 00000000 ____D C:\Users\Maxi\AppData\Local\Packages
2013-09-25 11:48 - 2013-09-25 11:48 - 01492848 _____ (Skype Technologies S.A.) C:\Users\Maxi\Downloads\SkypeSetup.exe
2013-09-23 19:45 - 2013-09-23 19:45 - 00000000 ____D C:\Users\Maxi\Documents\Battlefield 3
2013-09-23 19:43 - 2013-09-23 19:43 - 03820480 _____ C:\Users\Maxi\Downloads\battlelog-web-plugins_2.1.7_115.exe
2013-09-23 19:43 - 2013-09-23 19:43 - 00000000 ____D C:\Users\Maxi\AppData\Local\ESN
2013-09-23 19:42 - 2013-09-23 19:42 - 00000000 ____D C:\ProgramData\EA Core
2013-09-23 19:42 - 2013-09-10 19:48 - 00000000 ____D C:\Users\Maxi\AppData\Local\Origin
2013-09-23 19:42 - 2013-09-10 19:46 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-09-23 19:41 - 2013-09-10 19:46 - 00000000 ____D C:\ProgramData\Origin
2013-09-23 17:31 - 2013-09-23 17:31 - 00001176 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2013-09-23 01:28 - 2013-10-10 11:16 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-10 11:16 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-10 11:16 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-10 11:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-10 11:15 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-10 11:15 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-10 11:15 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-10 11:15 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-23 00:55 - 2013-10-10 11:16 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-23 00:55 - 2013-10-10 11:16 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-10 11:16 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-10 11:16 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-10 11:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-23 00:54 - 2013-10-10 11:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-10 11:15 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-10 11:15 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-10 11:15 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-22 15:59 - 2013-09-22 15:58 - 00000022 _____ C:\Users\Maxi\Downloads\pbsetup.zip
2013-09-22 15:56 - 2013-09-22 15:57 - 00840264 _____ C:\Windows\SysWOW64\pbsvc (1).exe
2013-09-19 17:13 - 2013-09-19 20:20 - 03130440 _____ C:\Windows\SysWOW64\pbsvc_blr.exe

Some content of TEMP:
====================
C:\Users\Maxi\AppData\Local\Temp\avgnt.exe
C:\Users\Maxi\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 12:20

==================== End Of Log ============================
         


Sorry and thanks. What do you actually see in it now?

I'm afraid that I have further viruses that Avira and Norton did not detect, because I was sometimes on dubious sites (never downloaded anything). Is that possible? But I never got any advertising through this virus. :?


17.10.2013, 14:14   #6
aharonov
/// TB trainer

I don't see any signs of a malware infection there.
To be safe, we can still run two control scans:


Step 1

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all findings (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

17.10.2013, 14:19   #7
Tausenddank

Is that absolutely necessary?

Well, I'm not doing the ESET Online Scanner. Switch off the firewall and such?!

17.10.2013, 14:22   #8
aharonov
/// TB trainer

Nothing here is absolutely necessary. I don't care what you do; these are just my suggestions when you ask for help.
__________________
cheers,
Leo

17.10.2013, 14:23   #9
Tausenddank

But everything is gone, isn't it? And if it wasn't a really bad virus anyway?
Do Avira and Norton find all viruses?

17.10.2013, 14:27   #10
aharonov
/// TB trainer

Quote:
But everything is gone, isn't it?
You never know. But as I said, the FRST log looked good.

Quote:
Do Avira and Norton find all viruses?
Of course not.
__________________
cheers,
Leo

17.10.2013, 17:57   #11
Tausenddank

As I said, I never noticed any strange changes on my PC and never entered payment information or the like. Nothing private and such. I have one more question: in my Flash Player (strangely 32-bit although I have 64-bit) it says that some websites use the local storage. What does that mean? Can viruses come in that way? Some dubious sites were listed for me. As for the second option for running a virus scan, I will still do it, but unfortunately I won't have time again until the weekend. It would be really nice if you would then take another look at the WordPad document that I'll post.
Many thanks!

22.10.2013, 20:51   #12
aharonov
/// TB trainer

OK, I'm still waiting for the log.
__________________
cheers,
Leo

17.11.2013, 21:03   #13
aharonov
/// TB trainer

No response
This topic has been removed from my subscriptions. I will therefore no longer receive notifications about new replies.
Send me a PM if you do want to continue the topic after all. Then we'll carry on here.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please read this guide and create your own thread.
__________________
cheers,
Leo
